[Senate Hearing 105-711]
[From the U.S. Government Publishing Office]
S. Hrg. 105-711
COUNTERTERRORISM--EVALUATING THE 5-YEAR PLAN
=======================================================================
HEARING
before a
SUBCOMMITTEE OF THE
COMMITTEE ON APPROPRIATIONS
UNITED STATES SENATE
ONE HUNDRED FIFTH CONGRESS
SECOND SESSION
__________
SPECIAL HEARING
__________
Printed for the use of the Committee on Appropriations
Available via the World Wide Web: http://www.access.gpo.gov/congress/senate
______
U.S. GOVERNMENT PRINTING OFFICE
51901 cc WASHINGTON : 1998
_______________________________________________________________________
For sale by the U.S. Government Printing Office
Superintendent of Documents, Congressional Sales Office, Washington, DC 20402
COMMITTEE ON APPROPRIATIONS
TED STEVENS, Alaska, Chairman
THAD COCHRAN, Mississippi ROBERT C. BYRD, West Virginia
ARLEN SPECTER, Pennsylvania DANIEL K. INOUYE, Hawaii
PETE V. DOMENICI, New Mexico ERNEST F. HOLLINGS, South Carolina
CHRISTOPHER S. BOND, Missouri PATRICK J. LEAHY, Vermont
SLADE GORTON, Washington DALE BUMPERS, Arkansas
MITCH McCONNELL, Kentucky FRANK R. LAUTENBERG, New Jersey
CONRAD BURNS, Montana TOM HARKIN, Iowa
RICHARD C. SHELBY, Alabama BARBARA A. MIKULSKI, Maryland
JUDD GREGG, New Hampshire HARRY REID, Nevada
ROBERT F. BENNETT, Utah HERB KOHL, Wisconsin
BEN NIGHTHORSE CAMPBELL, Colorado PATTY MURRAY, Washington
LARRY CRAIG, Idaho BYRON DORGAN, North Dakota
LAUCH FAIRCLOTH, North Carolina BARBARA BOXER, California
KAY BAILEY HUTCHISON, Texas
Steven J. Cortese, Staff Director
Lisa Sutherland, Deputy Staff Director
James H. English, Minority Staff Director
------
Subcommittee on Commerce, Justice, and State, the Judiciary, and
Related Agencies
JUDD GREGG, New Hampshire, Chairman
TED STEVENS, Alaska ERNEST F. HOLLINGS, South Carolina
PETE V. DOMENICI, New Mexico DANIEL K. INOUYE, Hawaii
MITCH McCONNELL, Kentucky DALE BUMPERS, Arkansas
KAY BAILEY HUTCHISON, Texas FRANK R. LAUTENBERG, New Jersey
BEN NIGHTHORSE CAMPBELL, Colorado BARBARA A. MIKULSKI, Maryland
ROBERT C. BYRD, West Virginia
(ex officio)
Subcommittee Staff
Jim Morhard
Kevin Linskey
Paddy Link
Dana Quam
Scott Gudes (Minority)
Emelie East
Detailees
Carl Truscott
Derek Orr
C O N T E N T S
----------
DEPARTMENT OF JUSTICE
Page
Statement of Hon. Janet Reno, U.S. Attorney General.............. 1
Statement of Hon. Louis J. Freeh, Director, Federal Bureau of
Investigation.................................................. 1
Prepared statement of Senator Judd Gregg......................... 3
Attorney General's opening statement............................. 3
Five-year counterterrorism plan.................................. 4
Current response to terrorist attacks............................ 4
Involvement of Strategic Information Operations Center........... 5
Domestic emergency support team.................................. 6
Training exercises............................................... 6
Encryption....................................................... 6
Cybercrime....................................................... 7
Overseas terrorist acts.......................................... 8
Prepared statement of Janet Reno................................. 9
Nature of the terrorist threat................................... 11
Organization of the Federal Government to prevent and respond to
terror- ism.................................................... 12
Improving our capability to prevent and respond to terrorism..... 19
Director Freeh's statement....................................... 21
History of counterterrorism...................................... 21
Counterterrorism threats......................................... 22
Counterterrorism coordination.................................... 23
Role of the NSC.................................................. 24
Role of National Guard and DOD................................... 24
Domestic preparedness program.................................... 25
DOD-Justice coordination......................................... 25
Status of title V exemption...................................... 26
Infrastructure protection........................................ 27
Israeli hacker case.............................................. 27
International cybercrime......................................... 28
Technology exploitation.......................................... 30
Encryption....................................................... 31
Anthrax threat in Las Vegas...................................... 32
International coordination....................................... 32
Pan Am bombing................................................... 33
Improving response to terrorism.................................. 34
Prepared statement of Senator Richard C. Shelby.................. 35
Additional committee questions................................... 36
Questions submitted by Senator Pete V. Domenici.................. 36
U.S. attorneys............................................... 36
Counterterrorism technology R&D.............................. 37
First responder training..................................... 40
National Infrastructure Protection Center.................... 44
Mexico drug certification.................................... 45
Questions submitted by Senator Ernest F. Hollings................ 47
Cybercrime................................................... 47
State and local cooperation.................................. 50
Wire tapping/encryption...................................... 52
NSC domestic antiterrorism czar.........................52
(iii)
COUNTERTERRORISM--EVALUATING THE 5-YEAR PLAN
----------
TUESDAY, MARCH 31, 1998
U.S. Senate,
Subcommittee on Commerce, Justice, and
State, the Judiciary, and Related Agencies,
Committee on Appropriations,
Washington, DC.
The subcommittee met at 9:57 a.m., in room S-146, the
Capitol, Hon. Judd Gregg (chairman) presiding.
Present: Senator Gregg.
Also present: Senator Shelby.
DEPARTMENT OF JUSTICE
STATEMENTS OF:
HON. JANET RENO, U.S. ATTORNEY GENERAL
HON. LOUIS J. FREEH, DIRECTOR, FEDERAL BUREAU OF INVESTIGATION
Senator Gregg. It is a little early, and I certainly
appreciate the Attorney General and the Director being here
early. But I suspect there are other Senators that are going to
come, so I will make my statement and take it up to 10 o'clock,
and, hopefully, the other members will be here.
We do have a vote at 10:30, and I would hope that we could
get the opening statements of the Attorney General and the
Director in before that, and then come back and do questions
right after the vote.
The purpose of this hearing is to review the efforts of the
agencies, of the Justice Department, specifically, but the
agencies generally within the Government that are charged with
the question of counterterrorism and protecting our country
from terrorist acts.
A couple of years ago this committee became very focused on
this issue, and initiated the first major expansion of funding
in the area of counterterrorism. The purpose of that was to
assist the FBI, specifically, and other agencies throughout the
Government in being able to pursue an effective
counterterrorism strategy. That has been very successful in the
sense that it has brought about an expediting of planning and
an expediting of the efforts of coordination. As chairman, I
have had a chance to visit almost all the major agencies
involved in counterterrorism, not only those that are under the
jurisdiction of this committee, but also agencies outside the
jurisdiction of this committee.
This committee does have a large jurisdiction, because it
has both the FBI and the Justice Department, which have the
domestic responsibility, and it has the State Department, which
has the international responsibility. And in visiting these
agencies, I must say I have been impressed with the energy, the
enthusiasm, and the commitment and the sincerity of the
commitment in trying to develop a coordinated counterterrorism
strategy for the country.
But we are clearly in the infancy stage. We are not, by any
stretch of the imagination, at a point where we have a mature
program that is effectively functioning and that really is not
the failure of the Government agencies involved. It is simply
the factor of the threats changing so radically as we move into
this part of the history of man--especially the expansion of
weapons of mass destruction--something that had not really been
anticipated at the level it is today, even just a few years
ago. We did not know the effects that terrorist action can have
on the infrastructure, which has now become so electronically
dominated.
Those two factors, which really were not a high visibility
threat just 5 years ago, are today not only a high visibility
threat, but a legitimate threat, and something that we have to
address. So tooling up to address those factors, those two
areas, has been and will continue to be an intense and complex
effort. I certainly respect and congratulate the various
agencies that have been involved in this.
The primary concern of this committee is the jurisdiction
of the Justice Department and the State Department, but we have
attempted, as a committee, to try to push a coordinated
strategy. As part of that we asked for a report which the
Attorney General is going to talk about today, which would
develop a core around which we could develop a strategy. I look
forward to hearing about that report.
In addition, we have as a committee made a commitment of
resources which is considerable. We want to make sure those are
not being duplicated in other departments, but are going toward
the specific needs that we have assessed as necessary in order
to address this threat.
In sort of a declining level of threat, the first threat is
weapons of mass destruction, exercised either by individuals or
by other nations. The second threat is the threat to our
infrastructure, especially the technology threat to our
infrastructure. The third threat is an individual acting as a
free lancer, or an individual group acting as a free lance
group, which commits a terrorist act. Each one of these threats
take different response structures and fairly complex response
structures.
The question is, are we putting together a process which
adequately anticipates the threat, and, hopefully, gives us the
opportunity to cut it off before it occurs, not only
domestically, but internationally? Second, if we have an event
occur, are we adequately equipped to respond to it both from a
standpoint of taking care of the damage and the injuries which
may occur and also pursuing the perpetrators. Those are the
elements that need to be addressed in any comprehensive
counterterrorism strategy.
The problem is that we have, by my count, something like 15
different agencies which are charged at some level with
counterterrorism responsibility. They are across the
Government, and the coordination of those agencies is what the
first step has to be--making sure that they are talking to each
other and that there is a central, coordinated approach to the
issue.
prepared statement of senator gregg
And so that is what the committee asked the Attorney
General and the FBI to develop, and we are going to hear today
as to how that is proceeding. There have been press reports
relative to, regrettably, some turf issues, which, hopefully,
we can address today. We can talk a little bit about where we
need to go from here, as we go from the process of developing a
strategy to the process of implementing one.
[The statement follows:]
Prepared Statement of Senator Judd Gregg
I want to thank the Attorney General and the FBI Director
for coming here today. Terrorism is both a threat to our
national security as well as a criminal act. We must use all
appropriate means to deter, defeat, and respond to terrorist
attacks.
That is why last year, this subcommittee directed the
Attorney General to prepare a plan that would lead us to being
pro-active to the threat and also be able to respond to a
terrorist event.
While the number of terrorist incidents has declined in
recent years, the level of violence and lethality of attacks
has increased. There is a continuing trend toward more ruthless
attacks on civilian targets. Also, the capability of hostile
nations and terrorists groups to acquire weapons of mass
destruction is greater than ever before.
Until this decade, biological and chemical weapons were the
province of superpowers or renegade states like Iraq and North
Korea. All that changed with the Aum Supreme Truth sect in
Japan. The cult's scientists produced anthrax, botulin toxins
and sarin.
We talk of weapons of mass destruction and you immediately
think of nuclear weapons. A nuclear incident is actually a less
likely scenario than biological or chemical weapons attacks.
Also, we must begin to educate people on the risks involved
with computer systems that make up much of our critical
infrastructure. It is now reported that six out of ten
businesses, government offices, and universities are reporting
computer security breaches. Many incidents continue to be
adolescent pranks, but security experts universally agree that
the political and financial risks of break-ins will rise.
The plan we directed the Attorney General to do is in its
first phase. The working groups have been assembled. They will
address prevention, deterrence, crises management, consequence
management, cyber-terrorism, critical technologies and R&D.
These working groups are made up of DOJ, FBI, DOD, Treasury,
CIA, NSA, DOE, EPA, FEMA, PHS, FAA, Commerce, and DOT.
I commend the Attorney General for her effort on this
important issue. None is more important to this Nation. And no
one wants to look back and say we could have done more.
attorney general's opening statement
Senator Gregg. I thank the Attorney General and the
Director for being here, and since it is 10 o'clock we shall
proceed. So, Madam Attorney General.
Ms. Reno. Thank you, Mr. Chairman.
Mr. Chairman, I think I speak for Director Freeh, as well.
We both appreciate the leadership that you have shown in this
area. The great time and effort that you have put into visiting
the agencies, understanding the issues, and prodding all of the
Government to come together to develop cohesive plans that can
effectively address modern day terrorism.
five-year counterterrorism plan
One of the points that you have raised is your desire as
spelled out in the appropriations bill for a 5-year interagency
counterterrorism and technology plan.
As you know, we have submitted to you an outline of issues
for a 5-year interagency counterterrorism and technology crime
plan, and have gone over it with you and will continue to keep
you apprised as we prepare this plan. It is my expectation that
the final plan will constitute a road map of counterterrorism
efforts for the next 5 years, which will demonstrate both the
existing strength and future enhancement of these interagency
efforts.
It will be tied in with the spending plan that you again
have taken the leadership to mandate, which I think has already
proven to be a useful tool in making sure that we use our
limited dollars as wisely as possible, building on
appropriations efforts in the various agencies.
current response to terrorist attacks
Our primary objective is to prevent terrorist attacks
before they occur. I think we spelled that out clearly in the
strategy. The life blood of prevention, however, is foreign
intelligence information from the intelligence community about
the identity, the plans and the movement of international
terrorists, and information developed by the FBI about the
activities of terrorist groups in this country.
The FBI vigorously and appropriately develops information
from a variety of sources, consistent with the Attorney General
guidelines, on general crimes, racketeering enterprise, and
domestic security terrorism investigations. Information about
terrorist threats is shared with appropriate agencies in a
threat assessment conference which analyses the threat,
determines whether it is plausible, and how the threat might be
carried out; then prepares and positions the appropriate
resources to respond to the threat.
The procedures for responding to threatened or actual
terrorist events represent more than just abstract plans. They
have been developed based on lessons learned in responding to
past terrorist events.
I would like to publicly commend Director Freeh for the
leadership that he has shown in a number of arenas with respect
to the prevention of terrorist attacks in the United States,
with the thoughtful way that he has approached it, in terms of
gathering the information, consistent with the guidelines,
working with State and local agencies across the country, and,
I think, taking very effective action.
Many of these plans have been the subject of tabletop and
field training exercises which facilitate the development of
important coordinative relationships and the identification of
those procedures which require modification of refinement.
When we are confronted with a major terrorist act within
the United States, it is almost always local authorities who
are the initial responders. It is their efforts in the minutes
following a terrorist act that we rely on to save lives,
contain the scope of the crisis, and apprehend terrorists who
may be fleeing the scene. It is for this reason that programs
that provide training and support for local authorities such as
those provided by the Defense Against Weapons of Mass
Destruction Act of 1996 are so important.
As a matter of established practice, local authorities
quickly notify the local FBI office of the event. Bureau field
offices are trained to initiate immediately and simultaneously
a number of responsive actions when confronted with a major
terrorist act. Those actions, which are undertaken in
coordination with the other agencies, include the initiation of
a site survey of the crime scene to assess the potential of
continuing danger and to evaluate preliminarily the relevant
forensic aspects of the crime; coordinate with local emergency
responders in an effort to insure optimal efforts to save lives
while preserving evidence important to a later prosecution;
notification of headquarters and the local U.S. attorney's
office.
They form a joint operation center in proximity to the
crime scene to bring together representatives of all pertinent
Federal, State, and local agencies; they identify and
coordinate with the U.S. attorney and local authorities a
central point of contact for the dissemination of information
to the public. And I think under Director Freeh's leadership
what was done in Oklahoma City, with Oklahoma City police, with
so many people working together was a classic example of how it
should be done.
involvement of strategic information operations center
While these activities are underway in the field, the
headquarters in Washington immediately act to bring together
the pertinent headquarters support staff. The Strategic
Information Operations Center [SIOC] is immediately activated
and staffed on a 24-hour basis. It combines the resources and
expertise of representatives of 19 Federal agencies, which
support this effort, and the representatives of the pertinent
agencies are integrated into the SIOC operation.
Additionally, officials at headquarters coordinate through
the SIOC, and evaluate with the Bureau's on scene commander and
the local U.S. attorney the deployment of additional
specialized resources to the scene. These resources include
experts in explosives, bomb scene reconstruction, and evidence
preservation; specialized units such as evidence response
teams, hazardous materials response unit, and a rapid start
computer data base team.
This has been fascinating to watch, the use of the rapid
start system, and the ability of the Bureau to assimilate in
very rapid fashion pieces of data from so many different parts
of the investigation into an inclusive whole that can be used
so effectively, both to identify the perpetrator and to prepare
the case. And this early ability to respond in that fashion, I
think, has proven essential in some of our successes.
Agents with pertinent skills from surrounding Federal
investigative field offices are made available. FBI SAC's with
specialized training in crisis response are available on a 24-
hour basis. Where multiple SAC's are sent in to augment the
local SAC, one is selected as the overall on scene commander.
In addition, we have attorneys who are trained in critical
incident response available to advise and assist the local U.S.
attorney.
domestic emergency support team
When appropriate, the FBI can activate the domestic
emergency support team [DEST], which is an interagency team
that can be tailored to the needs of the specific terrorist
event, and is available to be air lifted to the scene within a
matter of hours.
Its function is to provide the expert guidance that is
necessary, especially to address chemical, biological, and
nuclear incidents. The chem-bio module combines the expertise
of representatives from the FBI, DOD, the Public Health
Service, EPA, and FEMA. The nuclear radiological module
combines the expertise of representatives of the Bureau, the
Department of Energy, the Department of Defense, the Public
Health Service, and FEMA.
Through the utilization of these and other procedures, it
is possible for the Department of Justice and the FBI, working
together with other agencies to quickly mount a major, highly
trained response to a terrorist threat or act. That response is
designed to integrate the efforts of all involved through the
Joint Operations Center, while using the SIOC to insure that
nationwide and pertinent worldwide support from all appropriate
Federal agencies is available in a prompt and coordinated
manner.
While we believe that the response plan is sound, we
recognize that the threat posed by chemical, nuclear, and
biological weapons poses tremendous challenges that require
that capabilities and coordination be enhanced at all levels of
Government.
training exercises
Training exercises are conducted frequently to evaluate
progress. For example, the FBI's critical incident response
group [CIRG] sponsors eight regional crisis management training
exercises annually, many of which involve weapons of mass
destruction. Each exercise involves personnel from FBI
headquarters and multiple field offices, as well as other
pertinent Federal, State, and local agencies.
encryption
Let me briefly address one problem that is posed to our
terrorism and enforcement efforts by developing technology. The
widespread use of strong encryption by terrorists and other
criminals, unless it provides for lawful access to plain text
by law enforcement authorities, would have catastrophic
implications for our ability to detect, prevent, and
investigate terrorism. Unbreakable encryption allows terrorists
to communicate about their criminal plans with impunity.
Developing a balanced approach to robust encryption is an
extremely serious public policy issue that urgently, urgently
needs to be resolved, and requires attention from Federal,
State, and local Government officials and from the private
sector.
To this end, the administration has launched a focused
initiative to work closely with the information technology
industry to develop technical and policy solutions that
represent balanced approaches to strong encryption. We have
requested a legislative moratorium on encryption matters while
we attempt to develop these solutions. Another problem posed by
evolving technology relates, as you have pointed out, to
cyberterrorism.
To date, U.S. interests have not been victimized by
cyberterrorism. However, the potential is clearly present, and
the significance of the threat is reflected in the work of the
President's Commission on Critical Infrastructure Protection,
which issued its report in October 1997.
cybercrime
One unique challenge presented by computer crime is that it
knows no geographic bounds. As a result, we have established
local, regional, and national capabilities to provide the
flexibility necessary to address this type of crime.
Additionally, we are working with our foreign counterparts
through, for example, a subcommittee of the eight, the Council
of Europe, and the Organization for Economic Cooperation and
Development to develop effective mechanisms for coordination.
In February 1998, I announced the formation of the National
Infrastructure Protection Center, which encompasses and expands
the mission of the FBI's Computer Investigations and
Infrastructure Assessment Center, which was formed in 1996.
One of the strengths of the NIPC is that it integrates the
efforts of two Federal agencies which shared jurisdiction over
cybercrime--the Secret Service and the FBI. Additionally, we
have formed regional FBI computer crime squads with technical
skills and equipment. These squads work closely with the
computer telecommunications coordinator [CTC] in each U.S.
attorney's office within their region. All U.S. attorney's
offices now have a specially trained CTC.
Utilizing these resources and coordination arrangements, we
are preparing ourselves to address potential acts of
cyberterrorism. Investigators and prosecutors are trained to
work backward through the chain of victim systems to locate the
criminal at the source. They are also trained to work forward
to identify other victims and to ascertain the full scope of
the crime.
While we are at the early stages of our preparations to
address this type of terrorist attack, much progress has been
made in a short time, and we are committed to the expeditious
continuation of this effort.
One aspect of this effort is to overcome the lack of up-to-
date tools in the arsenal of the Federal Government, and to
identify equipment that is necessary. In addition, Federal
personnel sometimes lack the appropriate training and expertise
in the cyber area to effectively interact with the private
sector and to draw on its expertise.
It is critical that we reach out to industry and academia
to identify areas in which we can be effective partners. I am
committed to such a process, and the FBI, using the resources
that you provided in fiscal year 1998 is undertaking such an
effort.
We will be working with industry to enhance the skill of
our employees, and to seek their advice on the latest state-of-
the-art equipment and other tools necessary to meet our
counterterrorism responsibilities. Although we have not yet
reached a final conclusion, I think that we may need to develop
an approach that would permit the Federal Government to
accelerate the normal procurement procedures, and quickly
identify and deploy new technology in order to thwart terrorist
threats.
These procedures would be used not only to buy new tools,
but also, in some instances, to borrow tools or enter into
effective partnerships with both academia and the industries as
a way to address potential terrorist threats.
As part of our work with you to develop the 5-year
counterterrorism strategic plan, we will be presenting
proposals to you on how we can rapidly address these new
issues. A major approach will be the establishment of
partnerships with industry. Further, we anticipate establishing
a mechanism for sharing the benefits of this overall effort,
including the most recently developed technology and training
with our State and local partners. You and I have talked about
that issue, both with respect to forensic labs around this
country, and with respect to these complex, expensive forensic
tools. And I think we need to develop means of, regionally and
on a State and local basis, sharing these tools so we do not
have to spend a lot of money and duplicate each other's
efforts.
overseas terrorist acts
Turning to terrorist acts overseas, during the past two
decades, U.S. Government facilities in other countries, and
Americans traveling outside the United States have been the
target of choice for international terrorists. U.S. policy for
responding to such acts combines diplomatic, intelligence,
military, and criminal justice resources. The objective of that
policy is to deter, defeat, and respond vigorously to all acts
of international terrorism against U.S. interests.
It is a critical part of that policy that we apprehend and
prosecute those who plan or perpetrate such attacks. It is not
unusual for these investigations and the apprehension and
rendition of defendants for trial in the United States to take
years to complete. However, in our commitment to the effort,
our effort is absolutely steadfast. Our memory is very, very
long.
With deference to the committee's time this morning, I
would refer you to my written statement for a full description
of how we have responded in these instances. Much progress has
been made during the past few years in preparing the United
States to prevent acts of terrorism and to respond to the
terrorist threats that do arise.
prepared statement
However, many challenges remain, including particularly
those relating to the weapons of mass destruction and the
cyberterrorism threat. Through the process of developing the 5-
year counterterrorism and technology plan we will continue to
address an interagency response to these challenges, and to
work with the committee in this effort.
Thank you.
[The statement follows:]
Prepared Statement of Janet Reno
introduction
It is my privilege to appear before you today for the purpose of
continuing the Department of Justice's discussions with you on our
efforts to combat the scourge of terrorism.
When I testified before the Senate Appropriations Committee last
September, I outlined the Government's policy in dealing with acts of
terrorism, the government's strategies to deter and prevent terrorist
acts, and the government's abilities to respond quickly and decisively
to terrorist acts. I also addressed our growing capabilities to detect,
prevent, defeat, and manage the consequences of nuclear, biological,
and chemical material and weapons used by terrorists. I would like to
use this opportunity today to highlight for you our progress in these
areas. I would also like to address the challenges posed by our growing
interdependence of critical infrastructures and the Department's
response to the report and recommendations of the Presidential
Commission on Critical Infrastructure Protection in October 1997. In
particular, I will address the Department of Justice's creation of the
National Infrastructure Protection Center (NIPC) within the Federal
Bureau of Investigation. Finally, I would like to focus my testimony on
the processes of interagency cooperation and consultation that we draw
upon when we have to respond to and investigate terrorist incidents in
the United States and abroad. These processes are increasingly
indispensable to our efforts to confront the challenges posed by
cyberterrorism, weapons of mass destruction, and protection of critical
infrastructures against terrorist threats.
Mr. Chairman, you and this subcommittee have provided outstanding
leadership focus on improving the processes for interagency cooperation
and consultation in counterterrorism activities and on enhancing the
technological capabilities of all entities with counterterrorism
missions. The Conference Committee Report accompanying the 1998
Department of Justice Appropriations Act directs the Attorney General
to develop a 5-year interdepartmental counterterrorism and technology
crime plan to serve as a baseline strategy for coordination of national
policy and operational capabilities to combat terrorism. The plan is to
be representative of all agencies involved in the government's
counterterrorism effort and to draw upon the expertise of academia, the
private sector, and state and local law enforcement. The final plan
must be submitted by December 31, 1998, and updated annually
thereafter. In close cooperation with my colleagues across the
government, I intend to devote the full resources of the Department of
Justice to developing and implementing this plan. Accordingly, I have
established an interagency resource and review group, composed of
representatives of key federal agencies with counterterrorism
responsibilities. Efforts are now underway to collect information and
insights from them concerning their current and proposed programs and
recommendations for action that need to be taken during the next five
years to improve the counterterrorism capabilities of the United
States.
You are correct in the assessment, Mr. Chairman, that for the
Federal Government to carry out its counterterrorism efforts, we must
develop and sustain effective partnerships not only with state and
local law enforcement but also with industry, including the national
laboratories, and academia as well. The threat, particularly in the
area of cybercrime, requires expertise and equipment often difficult
for the Federal Government to acquire through normal processes. We must
develop flexible mechanisms that will allow us to engage in effective
partnerships with industry and academia as well as enhance Federal
resources in this area.
One of the criticisms that I have heard from experts in this area
is that often the Federal Government does not have up-to-date tools and
equipment within its own inventories. In addition, Federal personnel in
some cases do not have appropriate training and expertise in the cyber
area in order to effectively interact with the private sector and draw
upon its expertise. You very ably pointed out during last year's
hearing that we need to reach out to industry and academia to identify
areas in which we can be effective partners. I am committed to such a
process and have directed the FBI, using the resources that you
provided in the fiscal year 1998 appropriation, to undertake such an
effort. We will be working with industry to enhance the skills of our
employees and to seek their advice on the latest state-of-the-art
equipment and other tools necessary to meet our counterterrorism
responsibilities.
The Congress has been generous in providing the Department
additional resources, but I believe in the future we also will have to
think outside of the normal Federal Government processes. Too often,
the normal processes did not allow us to react to significant
technological changes that impact our mission at the same pace at which
the changes occur.
Although we have not come to a conclusion on this, Mr. Chairman, I
think that we may need something along the lines of a Counterterrorism
Technology Rapid Response mechanism. Such an approach would allow the
Federal Government to accelerate the normal procurement procedures and
quickly identify and deploy new technology in order to thwart terrorist
threats. I am not saying these resources would only be used to buy new
tools; they would in some cases allow us to borrow tools from or enter
into effective partnerships with both academia and industry as a way to
address potential terrorist threats. As part of our work with you to
develop the Administration's five-year counterterrorism strategic plan,
we will be presenting proposals to you on how we can rapidly address
new threats. A major approach will be the establishment of partnerships
with industry.
However, in the meantime, I think it is important that we focus on
the resources that you have provided to us in fiscal year 1998 as well
as those resources we have requested as part of the 1999 budget. I have
asked Director Freeh to reach out to the appropriate experts in
industry and academia to review with them our plans to acquire new
tools to combat terrorism. We need to assure ourselves, the Congress,
and the American people that we are acquiring the best available in
this area. I will keep you apprised of our progress.
Not only do we need to acquire new technology in order to thwart
terrorism, but we need to ensure that we have a federal workforce that
can effectively deal with our new partners in industry and academia.
One concern that has been brought to my attention is that often the
federal government is not sufficiently grounded in the new technologies
in order to be an effective partner with industry and academia. Using
the statutory flexibility that you have given to us in the fiscal year
1998 appropriation, we are committed to developing a personnel process
that will allow us to retain employees that can be effective partners
with industry and academia in dealing with new emerging technologies.
We also need to focus on how we provide continual training in these
technologies to the federal workforce. Given the fact that new
technologies appear to be deployed every 18 months, we must ensure that
our workforce can keep abreast with the new developments.
I have also asked the FBI to establish a mechanism for sharing the
benefits of this overall effort, including the most recently developed
technology and training, with our state and local partners.
Let me emphasize again that the protection of our nation and its
people from acts of domestic and international terrorism is among the
greatest challenges faced by this Administration and one of the highest
priorities of the Department of Justice. Over the past two decades, it
has become clear that American citizens and interests may be the
targets of terrorists.
Whatever the origin or misguided motivation of the particular
terrorist or terrorist group, the potential consequences of a single
terrorist incident can be enormous. For example, the magnitude of human
suffering flowing from acts of terrorism such as the bombing of Pan Am
Flight 103 is incalculable.
Events such as the World Trade Center bombing in New York City and
the bombing of the Murrah Federal Building in Oklahoma City, pointedly
demonstrated that acts of terrorism are not confined to foreign lands.
Here at home, citizens going about their daily work, and even children
entrusted to day care, may also be struck down without reason or
warning.
The challenge that terrorism presents to a free society is that we
must aggressively act to prevent and respond to such acts, using all
the tools and techniques at our disposal, while still fully respecting
the individual rights and liberties for which this nation stands.
Striking this balance, we have made much progress in the past several
years, successfully preventing a number of potentially deadly terrorist
attacks at home and abroad while enforcing and strengthening the rule
of law. We have demonstrated that our commitment is unflagging and our
memory is long. But much work remains to be done.
The policy of our government in dealing with acts of terrorism,
both at home and abroad, remains unchanged. We will do everything
possible to deter and prevent terrorist attacks. When acts of terrorism
do occur, we will respond quickly and decisively, with the full array
of options that we have available. We will work with our friends
throughout the world to interdict terrorists and ensure terrorist acts
do not go unpunished. The strategic plan we are presently developing
will provide a roadmap for the further refinement and implementation of
this policy over the next five years.
Since I last testified on this subject before this Subcommittee,
the President's Commission on Critical Infrastructure Protection
(PCCIP) has submitted its report to the President. The PCCIP report
properly emphasizes the vulnerability of each of our major
infrastructures to willful misconduct, including terrorism. Terrorists
can damage or destroy elements of our infrastructures either by
physically attacking them, or by launching cyber-based attacks aimed at
disrupting the physical infrastructures' computer and communications
systems. As we develop and position our resources to cope with these
new threats, we must also remain vigilant against more traditional
terrorist threats.
nature of the terrorist threat
Terrorist threats are both old and new. The heart-wrenching
pictures of the nose section of the 747 that was Pan Am 103 in a field
near Lockerbie, Scotland, or the half-standing building in Oklahoma
City, remind us of long-used terrorist weapons: bombs. But newer
threats abound. Chemical and biological weapons are now a potential
part of the terrorists' arsenal, as made clear by the use of Sarin gas
in the Japanese subway system. And software code may yet become another
terrorist weapon. Indeed, seven years ago, the National Research
Council predicted that ``Tomorrow's terrorist may be able to do more
damage with a keyboard than with a bomb.''
So what is the nature of the terrorist threat? It comes in three
primary forms: conventional weapons (including incendiary devices),
weapons of mass destruction, and cyberattacks.
Conventional Weapons
The bombings of the World Trade Center and the Murrah Federal
Building are recent examples of the physical security vulnerabilities
inherent in an open society. Such physical attacks could take on even
more serious dimensions, however, if the bomb were placed at a
carefully selected critical infrastructure facility. In addition to the
death or destruction caused directly by the bomb, an explosion caused
by a terrorist act could potentially destroy or disable elements of a
specific infrastructure on a regional or national scale and could cause
harm and possibly injury or loss of life to a significant portion of
our population dependent upon that critical infrastructure.
Weapons Of Mass Destruction
As nuclear, chemical or biological weapons of mass destruction
become more accessible, we face the potential of even more catastrophic
acts of terrorism. In particular, chemical or biological weapons are
relatively inexpensive to produce but have the capability of causing
widespread death if released on an unsuspecting populace. The nerve gas
attack in the Tokyo subway by members of the Aum Shinrikyo cult was a
grim warning of this potential.
Further, as the United States and the former Soviet Bloc members
proceed to dismantle their nuclear weapons, the potential exists that
weapons-grade nuclear materials may fall into the hands of a terrorist
group or a rogue political organization bent upon nuclear blackmail.
Although our nation has not yet experienced such a threat, we must
anticipate, plan and prepare for such an occurrence as we and former
Soviet Bloc nations continue disarmament.
Cyberattacks
As we become increasingly reliant on the Global Information
Infrastructure (GII), our information systems present an ever more
attractive target for terrorists. At the same time, because the GII is
itself a vast array of distinct networks with complex
interrelationships and dependencies that are not yet fully understood,
defining the vulnerabilities remains difficult. For example, a
cyberattack on a telecommunications network may affect not just private
communications, but transportation systems, banking systems, and the
availability of critical government services, such as police and fire
fighting.
By way of example, many energy facilities use Supervisory Control
and Data Acquisition (SCADA) systems. SCADA systems control a variety
of energy facility components, such as electric power plants and oil
and gas pipelines. As SCADA systems become more widespread and more
interconnected, terrorists have increased opportunities to use publicly
available as well as covertly obtained cyber techniques to damage
critical energy infrastructures. More specifically, a large number of
SCADA systems have simple dial-up access for remote maintenance which
allows problems to be handled quickly by a computer engineer but also
may make the system more vulnerable to cyber attack. Additionally, many
SCADA systems use commercial off-the-shelf hardware and software with
vulnerabilities known to individuals outside the energy industry. Other
SCADA systems are connected to corporate computer networks with
indirect connections to the Internet. As a result, many energy
operating systems that were previously unknown or inaccessible to
outside parties are now subject to possible cyber attack. An attack on
a SCADA system would be potentially devastating because it could affect
not only the energy industry, but other critical infrastructures
elements of which depend on the affected energy facilities.
Through the 5-year strategic plan we are currently developing in
close coordination with other departments and agencies, we will outline
how the federal government, in coordination with state and local
authorities and the private sector, can improve its capabilities to
prevent and deter all of these threats.
Moreover, the continuing development of technology itself is posing
challenges to law enforcement's ability to keep pace with terrorists
and others who seek to do harm to our nation and our nation's citizens
using either conventional weapons, weapons of mass destruction, or
cyberattack tools. For example, the widespread use of strong encryption
by terrorists and other criminals, unless it provides for lawful access
to plaintext by law enforcement authorities, would have catastrophic
implications for our ability to detect, prevent, and investigate crime
and terrorism. Unbreakable encryption allows terrorists to communicate
about their criminal plans with impunity and to maintain electronically
stored evidence of their crimes and records necessary to conduct their
criminal operations immune from lawful search and seizure. Developing a
balanced approach to robust encryption is an extremely serious public
policy issue that requires attention and engagement by federal, state,
and local government officials and by the people and businesses whose
public safety law enforcement officers have sworn oaths to protect. To
this end, the Administration has launched a focused initiative to work
closely with the information technology industry to develop technical
and policy solutions that represent balanced approaches to strong
encryption. We have requested a legislative moratorium on encryption
matters while we attempt to develop these solutions.
There can be no question that the policy issue of encryption
urgently needs to be resolved. As noted, our counterterrorism mission
will encounter serious difficulties if we are unable to obtain access
to the plaintext of data and communications when lawfully authorized.
Moreover, unless we achieve a balanced resolution of the issues
presented by encryption, the private sector will only reluctantly, if
at all, enter into the full spectrum of information, people, and
technology partnerships with the government that are needed in order to
prevent, deter, and effectively respond to terrorism. It is therefore
vital that in the next several weeks, we in the government and our
private sector partners pursue solutions that both address the
immediate issue of encryption and also build up the trust and
collaboration that are needed if we are to make progress on all
counterterrorism fronts.
organization of the federal government to prevent and respond to
terrorism
In my appearances before the Senate Appropriations Committee last
May and before this Subcommittee in September 1996, I described the
Administration's strategies for preventing, responding to, and
prosecuting terrorist activities against United States citizens and
interests. Today I'd like to focus on a related subject, one which is
complementary and equally important--the question of how the federal
government has organized its resources and its decision-making
processes to respond to terrorist events. My focus will be on how the
departments and agencies of the federal government, together with state
and local authorities, are increasingly working together to implement
and advance the Administration's counter-terrorism strategies. These
interagency mechanisms and resources to address terrorist threats are
the baseline from which we will be developing the five-year strategic
plan to further enhance our existing processes. Even today, the close
interaction among agencies produces insights and strengths that no
agency acting alone would have. To be frank, however, the close
partnerships that Cabinet-level departments and other agencies have
necessarily entered into also produces, on occasion, tensions arising
from the organizations' differing statutory missions, authorities,
restrictions, and perspectives that we all need to work through
together.
I would like first to talk about intelligence production and the
mechanisms for senior level coordination in the event of a terrorist
incident, and then I will address how we respond to international and
domestic terrorist incidents in turn.
Intelligence Collection and Assessment
Of course, our primary objective is to prevent terrorist acts
before they occur. Intelligence is the lifeblood of prevention since it
provides the United States with timely information about the identity,
motives, movements, plans, resources, and possible allies of the
perpetrators. The CIA is responsible for the collection, analysis and
dissemination of foreign intelligence regarding terrorist groups. Its
efforts are coordinated by its Counterterrorist Center (CTC). The
Department of Defense, similarly, engages in the collection, analysis
and dissemination of foreign intelligence that relates to the mission
and security of U.S. Forces abroad. Where such information concerns a
possible attack upon United States interests here or abroad, it is
furnished to the FBI which uses it either to assist in the development
of an on-going investigation or to open a new one. In either event, the
FBI disseminates the information to the responsible field office.
The FBI collects, analyzes, and disseminates intelligence on the
activities of international terrorists targeting interests within the
United States and terrorist groups operating in this country. This
information is used to disseminate early warnings to targets of
terrorist activity, and, when there is sufficient basis, to open
investigations of individuals or organizations who are planning or
preparing to commit terrorist acts.
Senior Level Interagency Coordination
Information concerning the possibility of an imminent terrorist
attack may be developed by any one of a variety of federal agencies,
including the FBI, CIA, DOD, and the State Department. Where credible
information is developed, the government has specific procedures to
facilitate a prompt, coordinated interagency response.
If the threat involves either a potential act of terrorism against
U.S. interests overseas or an international terrorist act within the
United States, coordination of issues requiring interagency review is
handled through the Coordinating Sub-Group (CSG) of the Deputies
Committee. The Deputy secretaries and equivalents of the Cabinet
agencies comprise the Deputies Committee; its purpose is to increase
interagency coordination, cooperation and decisionmaking at the chief
operating officer level and to provide coordinated advice and views to
the Cabinet secretaries and their equivalents and to the President. The
agency coming into possession of the information immediately notifies
the office of the NSC official who chairs the CSG, which has the
capability of convening an emergency meeting of that group, via
teleconference, in a matter of minutes. For potential acts of terrorism
within the United States that are not of an international nature, the
same expeditious coordination mechanism is available, except that the
Department of Justice, through the FBI, is the organization which
convenes and chairs the meeting.
The regular CSG members include the State Department, Defense
Department, CIA, FBI, and Department of Justice. The CSG is also able
to notify and involve its established points of contact in a variety of
other federal agencies when the circumstances of the particular
terrorist threat warrant the inclusion of one or more of those
agencies. They include the Departments of Energy, Transportation,
Treasury, Health and Human Services, Agriculture, as well as FEMA, EPA,
and the NRC. For example, for a threatened terrorist act involving a
chemical weapon, the CSG meeting would include, in addition to the
regular components, representatives from the Public Health Service of
the Department of Health and Human Services, the EPA, and FEMA.
Among the actions which the CSG can recommend to the Deputies
Committee is deployment of either a Foreign Emergency Support Team
(FEST) or a Domestic Emergency Support Team (DEST). Specialized modules
of these teams can be called on as needed to address chemical, nuclear,
and biological threats or acts of terrorism. Once activated, a FEST or
DEST team can quickly assemble its components at the incident area
within a few hours. Once on site, the FEST or DEST team is available to
provide expert, highly specialized advice and guidance concerning the
most appropriate response to the terrorist threat or incident. This on-
site information, in turn, provides an informed basis for further
decision making concerning the deployment of additional federal
resources.
Interagency response capabilities are exercised, through either
tabletop or field training exercises, to facilitate coordinated
interaction.
Responding to Domestic Incidents
Crisis Deployment Strategy
Presidential Decision Directive 39, known as ``PDD-39'', sets forth
lead agency responsibilities for combatting terrorism, including
responding to terrorist incidents. The Department of Justice, and in
particular the FBI, has lead responsibility for responding to terrorist
threats and incidents occurring within the United States. As described
in PDD-39, the federal response to terrorism includes two components,
crisis management (led by the FBI) and consequence management (led by
FEMA, in support of State and local government). Crisis management
includes measures to identify, acquire, and plan the use of resources
needed to anticipate, prevent, and resolve a threat or act of
terrorism. It is primarily a law enforcement response. Consequence
management includes measures to protect public health and safety,
restore essential government services, and provide emergency relief to
governments, businesses, and individuals affected by the consequences
of an act of terrorism.
The Department has drafted ``Guidelines for the Mobilization
Deployment and Employment of U.S. Government Agencies In response to a
Domestic Threat or Incident In Accordance With PDD-39.'' These
Guidelines, which have not been fully approved yet but are in the final
stages of interagency coordination, are also known as the ``Domestic
Guidelines''; they serve as coordinating measures within the framework
of PDD-39 and are designed to enhance the capability of the U.S.
Government to respond to terrorism. The Domestic Guidelines also were
formulated to facilitate interagency coordination in support of the
FBI's lead role in combating domestic terrorism, to delineate command
responsibilities, and to address the use of the Domestic Emergency
Support Team (DEST) and the Joint Operations Center (JOC).
Additionally, the Domestic Guidelines:
--detail the roles and responsibilities of federal agencies in
responding to a terrorist incident, including one involving a
weapon of mass destruction (WMD). These include those of the
On-Scene Commander and DEST Team Leader, DEST training and
exercise programs, formation and structure of the DEST and JOC,
and interagency responsibilities during WMD incidents.
--detail the roles and responsibilities of federal agencies in
responding to a terrorism incident, including one involving
nuclear, chemical or biological weapons of mass destruction;
--define the circumstances under which military resources can,
consistent with federal law, be used for technical assistance
or law enforcement support, detail the procedures for seeking
such assets, and delineate the interrelation between military
forces and the FBI. Under those procedures, the FBI on-scene
commander will make an assessment whether military, technical
or law enforcement assistance is necessary to address the
crisis. His or her recommendation will be transmitted to the
Attorney General who will, in turn, consult with the Secretary
of Defense to determine whether the statutory prerequisites for
such support are satisfied. In some instances, the President
must also be consulted and he may be required by statute to
issue findings and a Proclamation to disperse before military
authorities can be employed for law enforcement purposes.
Let me briefly outline how components of the FBI's domestic
terrorism apparatus will work and interrelate in the event of a
terrorist crisis. Upon receipt of information concerning a credible
threat, the FBI`s Assistant Director for National Security will
activate the Strategic and Information Operations Center (SIOC). The
SIOC is staffed 24 hours a day and is used by FBI headquarters units as
a command post to direct special operations or respond to terrorist
incidents. The FBI Counterterrorism Center (CTC) includes
representatives of eighteen federal agencies, including DOE, DOD, FEMA,
Customs, Secret Service, and INS. The CTC, which was established in
1995, brings the resources and expertise of these eighteen agencies
together, promotes communication of information among agencies, and
helps to coordinate the response of the entire U.S. law enforcement
community to terrorism. These agencies would be requested, when
appropriate, to send a representative to the SIOC. That official would
act as a liaison in coordinating needed support from parent federal
agencies in responding to the crisis.
At the same time, the Domestic Emergency Support Team (DEST), a
rapidly deployable interagency team of specialized advisors from
several government agencies, including the Departments of Defense,
Energy, and Health and Human Services, EPA, and FEMA, would be on call
to provide assessment and expert technical advice to the FBI on-scene
commander. Upon his or her request, and the concurrence of the Attorney
General and the FBI Director, a task-organized element of the DEST
would be deployed to the scene of the crisis for that purpose. In
addition to its advice and assistance coordination role, the DEST would
also ensure that decisionmakers, including those located in the SIOC,
receive critical information on a timely basis and that the DEST
agencies coordinate their on-scene operations in a manner that supports
the commander's needs.
Finally, the FBI's Critical Incident Response Group (CIRG), which
is headquartered at Quantico, Virginia, would coordinate support, as
necessary, of several specialized FBI components. These include the
Hostage Rescue Team, and Crisis Management Unit.
It is also important to understand that other law enforcement
agencies play a significant role, not only in assisting the FBI as lead
federal agency, but in supporting the state and local emergency
responders. The Director of the FBI and I fully recognize that no
single agency can tackle acts of terrorism--especially one involving a
WMD--alone. Thus, our approach must be a unified one, bringing the
expertise of the entire federal government to the front door of the
state or municipality as needed. Improving the processes by which
federal resources are made available to state and local authorities is
one of the objectives of the five-year counterterrorism plan.
Among the groups of federal law enforcement authorities who play
important roles in the battle against domestic terrorism are the
Immigration Service, Customs Service, Border Patrol and Coast Guard.
These agencies share the mission of protecting our borders, including
the coastline, from foreign terrorists, weapons and other
instrumentalities of potential use to terrorists. Their roles are
crucial, for example, if intelligence sources indicate that a terrorist
threat is presented by the clandestine importation of a WMD into the
United States for use against a domestic target.
In cases involving arson or use of firearms or explosives, the FBI
and the Treasury Department's Bureau of Alcohol, Tobacco and Firearms
(ATF) have overlapping investigative responsibilities. When
investigating violations which do not, at the outset, plainly fall
within the investigative jurisdiction of one agency or the other, both
participate in the effort. This joint approach includes coordination at
both the headquarters and field levels until primary investigative
jurisdiction is clearly established. The two agencies have established
a working group to address areas of mutual concern. Topics considered
by the group include investigative jurisdiction and protocols, crime
scene and laboratory procedures, and training. In addition, the FBI and
ATF have conducted a joint conference with the Special Agents in charge
of FBI and ATF field offices to further develop a mutual working
understanding. The FBI and ATF are also reviewing the current
Memorandum of Understanding on bombing investigations in light of
recent legislation which affects those investigations. Finally, ATF
agents are present in the FBI Joint Terrorism Task Forces throughout
the country and ATF has detailed an agent to the FBI's Counterterrorism
Center.
Beginning in January 1996, the FBI developed two new units to
address weapons of mass destruction (WMD) matters. Today, these units
are comprised of nearly 40 employees, eight of whom are detailees from
other federal agencies. The WMD Operations Unit (WMDOU) is the
operational entity for all threats, threat assessments and domestic WMD
incidents. It conducts WMD crisis planning and will coordinate the
national response if state and local authorities require federal
support during a crisis. A WMD Countermeasures Unit (WMDCU) was also
established to coordinate the training of state and local first
responders in support of the Domestic Preparedness Program.
Additionally, it coordinates the preparation and planning of all WMD
exercises within the Bureau in concert with CIRG. To deal with WMD
crises, the FBI maintains an all-hour, full-time capability to conduct
assessments of any threat involving such weapons. The FBI frequently
receives information indicating an individual or group is professing an
intent to use WMD materials. Upon receipt of such information, a
preliminary assessment is made to determine if enough credible
intelligence exists to warrant an interagency response. In such cases,
an alert notification procedure is implemented to provide the threat
information to all entities involved in the assessment process. The
threat is evaluated by an assessment team which is tailored according
to the threat; it may draw from expertise available at a number of
federal agencies outside of the FBI, including the Department of
Defense, the Department of Energy, the Department of Health and Human
Services, the Environmental Protection Agency, and others.
When performed, the WMD threat assessment determines credibility of
the threat from three points of view: technical feasibility,
operational practicality, and behavioral resolve. Technical feasibility
includes the capacity to obtain or produce the WMD material claimed;
operational practicality refers to the feasibility of carrying out the
threatened mode of deployment; and behavioral resolve addresses the
psychological assessment of the likelihood of carrying out the threat.
Using these three criteria, members of the team prepare an aggregate
assessment of the credibility of the threat.
That information is then furnished to the appropriate FBI field
office. At this point, further actions may be deemed necessary, to
include initiating the deployment of assets to the affected location.
The level of response may range from sending members of the FBI's
Hazardous Materials Response Unit (HMRU) to help integrate scientific
and technical responses and to retrieve evidence for further analysis,
to a full scale deployment including the DEST and other assets to
assist in detection and mitigation. The establishment of a Joint
Operations Center (JOC) may also be deemed necessary to coordinate
activities between the federal, state, and local agencies involved in
responding to the incident. Members of all such agencies are involved
in the operation of the JOC. If no immediate threat to public safety
exists, normal investigative avenues are pursued to determine the
identity and motivations of the subjects and, where warranted, to
apprehend them.
The complexity of a threatened or consummated WMD incident requires
that the FBI rely heavily upon the expertise of other federal agencies
to assist in the resolution of the crisis through a specially
configured DEST. In particular, the armed forces possess unique
capabilities to locate, evaluate, isolate, disarm and dispose of WMD
devices, capabilities which can be placed at the FBI's disposal upon
compliance with statutory requirements. HHS has responsibility for
providing technical advice and assistance such as threat assessment,
identification of contaminants, and public health guidance. EPA shares
these responsibilities and, in addition, provides advice on
decontamination. Finally, FEMA is responsible for coordination of
federal consequence management response in support of state and local
governments.
Prosecution of Terrorists
The prevention of terrorism also requires that we have the capacity
to bring to justice those who are planning to or have committed a
terrorist act. While we unfortunately may not be able to prevent all
terrorist acts, we will vigorously investigate and prosecute terrorism
cases. If an act of domestic terrorism occurs, federal prosecutors
become involved with the FBI, as well as state and local law
enforcement authorities, in an around-the-clock effort to develop
evidence and to identify and apprehend those responsible. We have
created an Attorneys Critical Incident Response Group, or ACIRG,
composed of expert federal lawyers here in Washington and around the
country, whose job it is to provide the Department's leadership with an
improved capacity to manage the incident and, on occasion, support the
United States Attorney in the on-scene response to the crisis. The
ACIRG concept is flexible in nature; it contemplates the formation of
task-tailored teams to fit the particular crisis. In some instances,
the teams will involve monitoring events and periodic updates to senior
Department officials. In others, the teams will provide a full-time
presence at the FBI's SIOC to provide on-the-spot legal advice.
Finally, where the crisis is a particularly grave one, team members
will deploy to the field to provide expert advice to the local U.S.
Attorney, coordinate multi-district matters and, in very rare cases,
assume on-site responsibility.
During such exigencies, the Criminal Division's Terrorism and
Violent Crime Section (TVCS), some of whose members are part of the
ACIRG, will augment its legal advice and liaison functions as needed.
To ensure preparation for their roles in a domestic terrorism crisis,
TVCS has developed and conducted training for designated ACIRG members
and the Assistant U.S. Attorneys selected to interact with them. In
addition, as part of the Attorney General's ``critical incident
response plan,'' each U.S. Attorney's office has been tasked to develop
a crisis response plan that includes a scheme for coordination with
local, state and federal responders.
Through aggressive investigative techniques, and the subsequent
prosecution of those who commit terrorist acts, the government seeks to
incapacitate the perpetrators from further acts and deter others who
would emulate them.
The rapid arrests and subsequent convictions of those involved in
the World Trade Center bombing were the direct result of the effective
cooperation of federal, state and local law enforcement agents working
closely with assigned prosecutors. The conviction and death sentence of
Timothy McVeigh for the Murrah Federal Building bombing, following a
meticulous investigation and exemplary executed prosecution, will
surely send an unmistakable message to others who might contemplate
committing similar acts of terrorism.
Consequence Management
PDD-39 designates the Federal Emergency Management Agency (FEMA) as
the lead agency for coordinating the consequence management of acts of
terrorism, including the use of weapons of mass destruction incidents.
During a terrorism crisis, FEMA acts in support of the FBI until the
Attorney General is satisfied that addressing the consequences of the
act should assume primacy over dealing with the immediate crisis
situation. The domestic ``Guidelines'' address the procedures for the
transfer of such responsibility.
When the Attorney General approves the decision to transfer the
federal lead agency role from the FBI to FEMA, FEMA's designated
Federal Coordinating Officer (FCO) will coordinate federal actions in
support of state and local governments to provide effective consequence
management appropriate to the incident. FEMA policy provides that, in
fulfilling this role, it will employ the established structure of the
Federal Response Plan (FRP). The FRP defines the relationships and
roles of 28 federal departments and agencies and the American Red Cross
in the consequence management of any disaster or emergency in which
FEMA is called to respond.
Responding to international terrorism
Under PDD-39, the State Department serves as the lead agency for
coordinating the U.S. response for acts of terrorism that take place
outside of U.S. territory and within the jurisdiction of another
nation. When a terrorist incident abroad occurs, the State Department
acts as the on-scene coordinator for the U.S. Government. In response
to a terrorist incident abroad, as I noted earlier, a Foreign Emergency
Support Team (FEST) can be deployed when U.S. interests are threatened.
The FEST consists of representatives of State, DOD, and the FBI. The
purpose of the FEST is to provide the Chief of Mission, host government
leaders, and incident managers guidance concerning U.S. capabilities in
resolving incidents or crisis situations posing a serious and immediate
threat to U.S. interests.
When the decision is made to deploy the FEST, which is led by a
member of the State Department's Office of the Coordinator for
Counterterrorism, a decision is also made concerning the composition of
the team and the possible need for additional support from other U.S.
government agencies, including the Department of Energy, Department of
Transportation, and the Public Health Service. The FBI provides support
to the FEST concerning U.S. law enforcement capabilities, crisis
management assistance, contingency planning, hostage negotiations,
evidence collection and guidance about U.S. extraterritorial
jurisdiction. It is important to understand, however, that FBI FEST
members are not, themselves, part of the investigative team that may be
called upon to investigate an extraterritorial terrorism incident.
PDD-39 also assigns to the Federal Aviation Administration (FAA)
primacy in dealing with terrorist acts involving air piracy. FAA has
lead responsibility for the coordination of any law enforcement
activity affecting the safety of persons aboard an aircraft within the
special aircraft jurisdiction of the United States.
Developing a Criminal Case
As is the case with domestic incidents, whenever an act of
international terrorism that violates federal law is committed, the FBI
initiates a criminal investigation. In such cases, as the lead crisis
management agency, the State Department seeks for the FBI the broadest
possible access to the crime scene and foreign witnesses. The
Department of Justice supports the Bureau's efforts to obtain access to
evidence and witnesses through the use of Mutual Legal Assistance
Treaty (MLAT) requests and, where required, letters rogatory.
Additionally, where evidence or witnesses are located within the United
States, the Department of Justice may convene grand jury proceedings to
facilitate the investigation. As cases become prosecutable through the
development of sufficient evidence and legal theories, Department of
Justice prosecutors file a complaint or seek an indictment, and obtain
arrest warrants. The arrest warrants may be sealed when necessary to
facilitate apprehension of the defendants.
Once an arrest warrant is obtained, the U.S. works with the
diplomatic, law enforcement and intelligence communities of foreign
governments to locate the defendants, to effect their arrests and,
whenever possible, to prosecute them in the United States.
As one illustration of our unrelenting commitment in undertaking
these measures, in 1993 the FBI apprehended Omar Ali Rezaq in Africa
and brought him to the United States to stand trial for aircraft piracy
as the result of his participation in the hijacking in Southern Europe
of an Air Egypt flight in November 1985 and the murder of one U.S. and
one Israeli passenger. Rezaq was convicted in 1996 and sentenced to a
life term. Similarly, in September 1996, the United States obtained
custody of Tsutomu Shirosaki in Asia on charges emanating from his
October 14, 1986, explosives attack on the U.S. Embassy in Jakarta,
Indonesia. He was convicted in November 1997, and received a 30 year
sentence.
International cooperation is particularly necessary when terrorists
commit cyberattacks and other crimes through computer-based
technologies. In cybercases, many incidents must be investigated in
real-time because electronic trails may disappear once a hacker
disconnects from the system or network that he is attacking. For this
reason, the United States proposed creating, through the Group of Eight
Nations, a Subgroup on High-Tech Crime, which has been examining ways
to ensure that transnational cybercrimes can be swiftly investigated.
As part of the Eight process, the Justice and Interior Ministers of the
Eight met in December 1997 and adopted a ten-point Action Plan leading
each country to designate a 24-hour point of contact so that high-tech
criminals can be expeditiously pursued. The Subgroup is also seeking
ways to expedite international trap-and-trace procedures.
Critical Infrastructures
The findings and recommendations of the President's Commission for
Critical Infrastructure Protection, issued in October 1997, underscored
the need to expand the nation's capabilities to respond to physical and
cyber attacks on critical infrastructures. In particular, the PCCIP
report focused on the need to enhance collaboration and cooperation
between the public and private sectors to anticipate, deter, respond
to, and investigate emerging threats to our infrastructure.
In response to these recommendations, and in consultation with
other agencies across the Government, we have established within the
FBI the National Infrastructure Protection Center (NIPC). Building on
the former Computer Investigations and Infrastructure Threat Assessment
Center (CITAC), the NIPC is to be an interagency partnership between
federal agencies with responsibility for the nation's critical
infrastructures and the private owners and operators of that critical
infrastructure.
The NIPC's mission is to deter, prevent, assess, warn of,
investigate, and coordinate the response to threats and unlawful acts
targeting the critical infrastructures of the United States, including
illegal intrusions into government and private sector computer
networks. The NIPC will accomplish its missions by focusing its
investigative and analytical efforts on critical infrastructures and
technologies, and on how and by whom they are threatened and attacked.
In addition, the Center will work with other organizations to ensure
that federal, state and local cyber-investigators are properly trained
and equipped. The NIPC will also evaluate, acquire and deploy computer
equipment and cyber tools to support investigations and infrastructure
protection efforts.
The NIPC, along with other federal agencies, will play an important
role in an expanded partnership between government and the private
sector. The FBI is hiring or developing partnerships with
representatives of private industry, including private sector Computer
Emergency Response Teams (CERT's), and will establish direct electronic
connectivity with private industry, CERT's, state and local law
enforcement entities and other government agencies. While we recognize
that all of the interests of the private sector may not be represented
in the NIPC and that private sector infrastructure owners and operators
have responsibility for securing their own systems, through this
partnership, the NIPC will facilitate the development of a world-class
computer intrusion investigative capability with state-of-the-art
tools, technologies, and intellectual capital related to computer
intrusions and infrastructure protection. Additionally, the NIPC will
help plan and develop a cyber emergency response capability.
The NIPC will be staffed by approximately 125 persons--eighty-five
from the FBI, and approximately forty from other government agencies
and from the private sector.
Having described the purpose and organization of the NIPC, let me
focus now on the roles of NIPC and the other resources of the
government in responding in particular to the new breed of potential
terrorist attack--that of a cyberintrusion by a terrorist.
Cyber Intrusions
Until this point in my testimony, I have discussed our responses to
international terrorism and domestic terrorism as largely distinct
subjects. This is so because the roles, responsibilities, and
interagency processes that are involved differ considerably between the
two areas. One of the greatest challenges we face in the Department of
Justice, and one that confronts all of the departments and agencies, is
to determine whether a cyber intrusion is in fact an act of
international terrorism, an act of domestic terrorism, or comes from
some other malevolent source such as a non-terrorist criminal acting
for illicit gain or vengeance, a hostile foreign intelligence service
or, most seriously, a hostile state attacking the United States. In
conventional terrorist attacks, the act often speaks for itself; the
bombing at the World Trade Center would be classified as
``terroristic'' no matter who the actor. But although computer commands
and digital manipulation of our information infrastructures have become
potential terrorist weapons, it does not follow that every computer
intrusion is in fact a terrorist act. And properly identifying the true
nature of an attack is all the more difficult because the current
information infrastructure can make it difficult or impossible to
pinpoint the source of an attack or identify sponsorship of the
activity.
To respond to this fluidity and uncertainty in cyberattacks, the
FBI is creating the Computer Emergency Support Team (CEST). In the
past, ``foreign'' attacks that at first seemed to be state-sponsored
turned out to be U.S. hackers looping through foreign sites. It is
therefore critically important not to make premature assumptions about
the location or motive of the attacker. Such assumptions--that the
attack is state-sponsored information warfare or an intelligence
activity--have proved wrong in the past. Indeed, the only assumption
that can safely be made at the outset of a cyberattack is that the
attack constitutes a violation of federal law, and it must continue to
be treated as a crime in the absence of evidence suggesting another
motive.
Because of the uncertain nature of cyber intrusions, the Department
of Justice maintains close coordination and communication with the
National Security Council. The National Security Adviser and the NSC
staff are charged with informing and advising the President about
potential attacks on the national security of the United States.
Therefore, it is important for these advisers to receive the necessary
information relevant to their responsibilities, and to participate,
with me and the other Principals, in the ongoing consultation and
decisionmaking process about whether and when a criminal matter has
become an attack on our national security.
When a matter is the subject of a criminal investigation, powerful
investigative tools offer the ability to quickly secure evidence
wherever located. Moreover, NIPC personnel will be highly-sensitive to
intelligence issues, ever vigilant for the national security
implications of an investigation. Indeed, the nature of cyberattacks
highlights the fact that any comprehensive approach to a cybercrime
requires a multidisciplinary and interagency approach, bringing
together the disciplines of computer security, law enforcement,
counterintelligence, counterterrorism and foreign intelligence.
Clearly, the level of technical, forensic, and legal ability necessary
to combat these threats is extremely high and very specialized.
In responding to cyber incidents, the FBI draws heavily upon the
skills of their Supervisory Special Agents assigned to the Computer
Investigations and Operations section at FBI Headquarters, as well as
teams in the other FBI offices. To deal with the complex legal issues
raised by hacking cases, the FBI will consult with the Computer Crime
and Intellectual Property Section (CCIPS) and those Assistant United
States Attorneys, known as Computer and Telecommunications Coordinators
(CTC's), who have been specially trained by CCIPS to deal with cyber
events. Using these resources, and with the help of the Department of
Defense and other agencies, the Department of Justice was able to
respond quickly to the recent attacks upon numerous Department of
Defense and other government and educational sites. As you are likely
aware, that investigation has led investigators from California to
Israel, with the resultant identification of the principal participants
in the intrusions.
improving our capability to prevent and respond to terrorism
Recent Successes
To date, our initiatives to combat international and domestic
terrorism have had a number of notable successes. For example, in
addition to the recent Rezaq and Shirosaki convictions, during the past
year, the FBI, working with other federal agencies, captured Mir Amal
Kasi from overseas so that he could be tried in Fairfax County,
Virginia, where he was convicted and sentenced to death for the January
12, 1993, murders of two CIA employees.
During the past year, federal authorities, often working closely
with their state and local counterparts, have also thwarted at least
eight planned bombings or other acts of terrorism by homegrown
extremist groups. One of these involved a scheme to bomb a large
natural gas refinery in Wise County, Texas, to divert attention from a
planned armored car robbery.
Additionally, on October 8, 1997, collaborative efforts of the
Departments of Justice, State, and Treasury were an integral part of
the process that culminated in the designation of 30 organizations as
foreign terrorist organizations under Section 302 of the Antiterrorism
and Effective Death Penalty Act of 1996. These designations trigger
provisions that permit the prosecution of persons within the United
States who knowingly furnish material support to designated foreign
terrorist organizations. The provisions also call for U.S. financial
institutions to block the assets of the designated organizations and
render their members excludable from the United States.
New Programs and Initiatives
Nunn/Lugar and related efforts to develop state and local
partnerships
We cannot, however, afford to rest on our laurels. Instead, in
partnership with this subcommittee and the Congress, we must continue
forging ahead to improve our capabilities to combat terrorism, and
implement legislation enacted for that purpose. As a cornerstone of
this effort, the five-year counterterrorism strategic plan will chart
the course ahead for all of the agencies involved in counterterrorism.
For now, let me highlight a few examples of our new programs and
initiatives. In this respect, the Defense Against Weapons of Mass
Destruction Act of 1996 was enacted as the Nunn-Lugar-Domenici
Amendment (Nunn-Lugar) to the DOD Appropriations Act for Fiscal Year
1997. ``Nunn-Lugar'' imposes upon the Executive Branch a number of
requirements relating to preparedness in responding to the terrorist
use of weapons of mass destruction (WMD)--chemical, nuclear and
biological weapons--within the U.S. Among other things, the legislation
requires the Executive Branch to assess its capabilities to assist
state and local governments in preventing and responding to terrorist
incidents involving such weapons. It mandates that DOD, in coordination
with other relevant federal agencies, establish programs to advise and
train civilian emergency preparedness personnel at all levels of
government in planning for and responding to WMD incidents.
Additionally, it directs DOD to establish rapid terrorism response
teams for the purpose of assisting such authorities in the detection,
neutralization, containment, dismantlement and disposal of weapons of
mass destruction.
The FBI and other federal agencies such as FEMA, the Department of
Justice's Office of Justice Programs (OJP), the Department of Energy,
EPA, and PHS, are supporting the Department of Defense in this
initiative to provide WMD training to state and local ``emergency
responders.'' These consist of state and local police, fire, and
emergency medical personnel who would likely provide the initial
response to a WMD incident. This initiative, which commenced in late
fiscal year 1997, will eventually train emergency responders in 120
cities throughout the United States. To date, officials from 19 cities
have received training; an additional 31 cities are due to be
introduced to the training in fiscal year 1998; and 35 more will be
visited during fiscal year 1999.
In addition to these Nunn/Lugar-driven initiatives, the FBI pursues
continuous crisis management planning in conjunction with other Federal
agencies, as well as with local police, fire, and emergency medical
personnel. For example, to further enhance the federal-state-local
approach to combating terrorism, the FBI has, to date, established 16
Joint Terrorism Task Forces in field locations. The objective of the
FBI in this respect is to ensure that all entities that would respond
to an act of terrorism, involving either a WMD or a conventional
weapon, are coordinated at the state and local, as well as at the
national, level.
The Counterterrorism Fund
In 1998, Congress provided $52.7 million in the Counterterorrism
Fund. Twenty-one million, two hundred thousand dollars has been
allocated to ensure that State and local first responders have basic
equipment and training to respond to chemical or biological incidents
as well as those involving improvised explosive devices.
A total of $5.2 million is provided for the FBI's Hazardous Devices
School at Redstone Arsenal, Huntsville, Alabama. These funds will be
used for the expansion and renovation of the Hazardous Devices School
to increase the number of bomb technicians trained each year on
response to improvised explosive devices as well as nuclear,
biological, and chemical incident matters. The funding will also
provide certain items and articles of equipment for bomb squad use.
Further, $16 million is authorized for the provision of operational
response equipment and training to state and local agencies that will
enhance their capabilities to respond to an incident involving weapons
of mass destruction. The Office of Justice Programs (OJP) will
administer these funds as follows:
Working with the FBI, OJP is developing a $12 million grant program
to provide equipment to state and local authorities who would be called
upon to respond to an incident involving weapons of mass destruction.
Such categories of equipment include items necessary for personal
protection, detection, decontamination, and communication during an
actual response. The FBI and OJP will coordinate with Nunn-Lugar and
other efforts that also provide equipment to first responders to insure
that overlap does not occur.
In addition, $2 million is provided for OJP to establish and
administer a training center for state and local first responder
personnel at Fort McClellan, Alabama. This Center will provide first
responder personnel with state-of-the-art training, including ``hands-
on'' field and laboratory exercises to improve their capabilities to
respond to and manage terrorist incidents, including those involving
chemical agents and explosive devices. This Center will work in
cooperation with a consortium of universities and other specialized
facilities which offer resources and expertise critical to first
responder training. OJP will coordinate its administration of the Fort
McClellan program, both training and curriculum, with the FBI. $2
million is also provided for the operation of a similar training center
in conjunction with the Energetic Materials Research and Testing Center
at the New Mexico Institute of Mining and Technology, in Socorro, New
Mexico. OJP will administer this program as well, working with the
Institute to define and develop curriculum and training appropriate to
the Institute's capabilities and expertise in a manner that does not
duplicate other available facilities and resources.
In addition to these disbursements, $20 million of the CTF is to be
used to reimburse Departmental components for costs incurred in support
of countering, investigating, and prosecuting domestic and/or
international terrorism; to finance reward payments in connection with
such activities; and to restore the operational capacities of offices
destroyed or damaged by domestic or international terrorist acts. Since
approximately $48 million ($20 million in 1998 appropriations and $28
million in carryover funds) was available at the beginning of 1998 for
reimbursement, no additional reimbursement funding was requested in
1999.
The remaining $32.7 million in 1998 funds will be used for the
following: development of the five-year interdepartmental
counterterrorism and technology plan ($1 million); research and
development ($10.5 million); and improving state and local response
capabilities ($21.2 million).
For 1999, the Department seeks $52.703 million in funding for the
CTF. Of this, $16 million would continue the program begun in 1998 to
provide Weapons of Mass Destruction response equipment and training for
state and local first responders. In addition, an enhancement of $3.1
million is requested to ensure the Continuation of Operations and the
Continuity of Government during a time of emergency. The $3.1 million
will fund an alternate crisis management/relocation facility to carry
on essential Justice Department functions in the event the Department,
or one of its components, is denied access to its facilities for
various reasons, such as a terrorist act. The remaining $33.603 million
is requested to implement certain recommendations of the President's
Commission on Critical Infrastructure Protection, including funding for
the expansion of the FBI's National Infrastructure Protection Center
(NIPC). Funds not required for either ensuring the continuity of
essential Department functions during an emergency or for critical
infrastructure protection would remain available for the other
authorized purposes of the CTF, including countering, investigating,
and prosecuting domestic or international terrorism.
Senator Gregg. Thank you, Madam Attorney General. If you
will make a note, or if your staff will make a note, to get us
language you want on the equipment issue, we will get that in
the bill.
Director Freeh's statement
Director.
Mr. Freeh. Thank you, Mr. Chairman. I will just make a very
brief statement. Let me also join the Attorney General in
commending the committee, and particularly your own personal
leadership in this critical area.
History of counterterrorism
I think if you look at the history of counterterrorism
activity by the Federal Government, you will see an historic
change beginning in about 1995, with respect not only to the
emphasis, but to the resources and infrastructure which this
Congress and this committee, particularly, has spearheaded, in
terms of the delivery of those services for the protection of
the people that we are obligated to protect.
Let me just contrast very briefly incidents of a few years
ago, given the available tools and resources, and what we are
prepared to react to today in 1998, thanks to the resources and
the leadership of this committee.
If you take the bombing of the World Trade Center, if you
take the Khobar bombing in Saudi Arabia, even the Oklahoma City
bombing, those were catastrophic acts of terrorism, both
domestic and foreign, to which the Federal Government, the
State and local officials, and particularly the Department of
Justice reacted to very quickly, in my view very ably, and very
expertly, given the results of those investigations, and the
speed with which the individuals at least in the World Trade
Tower case and the Oklahoma case were identified and
apprehended, convicted, and sentenced.
We did not have at that time the many resources which are
now part of our routine table of tools to deal with these kinds
of cases. For instance, we did not have a Counterterrorism
Center during those events, which this committee has provided
to us, where now 18 Federal agencies can co-locate and work,
not just to analyze information and intelligence, but to
respond in a unified fashion when an attack such as those
occurred.
We did not have the structures that we now have with
respect to the Infrastructure Protection Center. We did not
have the hazardous materials response unit in our laboratory
which responded very recently to the threat in Las Vegas of an
anthrax attack.
We did not have the weapons of mass destruction operations
unit. We did not have the expanded legat program, which this
committee also was responsible for supporting successfully,
which gives us the ability to work overseas, not only to
prevent these kinds of acts, but also to solve them quickly.
We were not engaged in first responder training, as we are
now. We did not have the expanded capabilities in our
operations center, that the new SIOC facility which was funded
under the leadership of this committee will have when it is
opened in August of this year.
We did not have the relationships in place between the FBI
and the CIA on the one hand which now result in apprehensions
of people like Kasi and their return back to the United States.
We did not have the PDD-39 which clearly specifies the
FBI's leadership role in counterterrorism acts in the United
States, as well as the lead supporting role in overseas
activities.
We did not have the designated Department of Justice
attorneys in the critical areas relating to counterterrorism,
both in terms of acts of violence and also cybercrimes and
attacks against our infrastructure.
We did not have the plan and the framework for putting
together the resources which are needed to further focus our
mission and coordinate what we are doing. We did not have the
equipment that is now provided to our CIRG unit in Quantico for
dealing with hazardous material investigations and responses.
And I could go on, actually, at some length. What I think
is critical is that beginning in 1995, and continuing this year
and now into the 1999 request, this committee, and you, Mr.
Chairman and Mr. Hollings, really, turned around the question
of resources and capability, and infrastructure. And we will be
better prepared to protect this country and its people in the
years to come as a result of that.
Counterterrorism threats
The threats change, of course, from year to year. We have
individuals, even very recently, shutting down a small airport
in New England by a computer attack against its infrastructure.
We have other individuals trying to shut down 911 systems in
Florida, systems which are critical to the protection of
everyone.
We know that we have terrorists and spies, and even more
common, white collar criminals looking to exploit information
systems to commit crimes. We see that most glaringly in the
Innocent Images case, which again, your leadership and the
leadership of this committee have been responsible for giving
us the tools to deal with these issues.
We are in a formative stage in the sense that we are still
planning how to carry out these functions, to use the resources
wisely, to make sure we do not duplicate what other agencies
are doing.
The Attorney General, in particular, has emphasized to us
the need to insure that our State and local partners not only
receive the training and equipment which this committee has
authorized, but that they have direct input into our
Counterterrorism Center, that their interests are represented
in the new National Infrastructure Protection Center, and to
make sure in all of our endeavors that we work with them
closely and cooperatively.
We have other issues and problems to deal with. The
Attorney General mentioned encryption. These are issues that
need to be addressed, to give us the capability which I know
your committee and the Congress intend us to have by the
appropriations and the leadership that they have shown in this
area.
So let me add my appreciation to that of the Attorney
General, and tell you that as the FBI Director I am confident
that in 1998 we are twice as prepared to deal with these
threats, both at home and overseas, both truck bombs as well as
infrastructure attacks, and we are twice as prepared because of
the resources, the leadership, and the focus which this
committee in particular and the Congress has given to this
problem.
Thank you.
Counterterrorism coordination
Senator Gregg. Thank you, Director.
I agree. We are at least twice as prepared, but we are
still, as you mentioned, in the formative stages. I want to go
over a little bit where we are, because I would like to get a
sense of how this is playing out. In your opinion, who is
coordinating the national effort on counterterrorism for
anticipating events in the area of weapons of mass destruction,
and where should that responsibility be, and is that
coordination being done correctly?
Ms. Reno. Let me address it initially. The coordination,
under PDD-39, between agencies ultimately lies with the
National Security Council. Where it relates to domestic
terrorism and the use of chemical, biological or nuclear
weapons within the United States, the FBI is the lead agency,
and the Department of Justice and the FBI are planning on a
regular basis and developing through the 5-year strategy that
plan.
As part of the 5-year strategy, as I mentioned, we have
submitted to you an outline. But we will now be meeting with
the different agencies, both those that you have mandated that
we meet with, and we are bringing in other agencies to ensure
that there is full consultation and that we develop an
organized plan with relationship to all terrorist issues as
well as weapons of mass destruction.
With respect to immediate issues, we are in the process of
doing the Nunn-Lugar initiatives in a number of cities, and
learning from those experiences what can be done to improve our
coordination with the Department of Defense.
As you noted before the hearing began, the Department of
Defense has undertaken certain steps with the National Guard to
be prepared through teams that would be available for
responding. As I indicated, we will be having regular meetings.
We have already had our first meeting with the Department of
Defense, and one of the issues that we have identified for
discussion is how we handle these matters together, and what we
do with respect to coordination at the scene.
I would let Director Freeh respond further.
Mr. Freeh. I just would echo what the Attorney General has
said. I think the current structure with respect to response
and playing the leading, coordinating role in response to these
particular events, particularly domestic events, is really
successfully placed with the Attorney General, and the FBI as
the lead agency in the planning for events, where opportunities
of attack and targeting are obvious or contemplated, and also
in responding to those events.
I think that the PDD-39 formula which puts that
responsibility with the Attorney General and the FBI is
prudent. I do not think it should be altered.
Role of the NSC
Senator Gregg. I guess my question is, is it working? We
did read some reports that the NSC has stepped into the arena
in maybe a way that has put it in the process of making law
enforcement types of decisions, versus being a coordinating
agency. Is there a positive, constructive coordinated effort,
or are we running into turf problems between different
agencies?
Mr. Freeh. My view is that the current coordination is
successful, and we are having discussions, not only with the
NSC, but other agencies, with respect to refining that
cooperation. There are some areas of disagreement. We are
engaged in those discussions now, and we are hopeful that they
will maintain what I think is the current, successful formula.
Senator Gregg. How do you feel, Madam Attorney General,
relative to the NSC's role, and specifically who should be
doing what?
Ms. Reno. I have found that the PDD-39 mechanism as it
exists today has been very, very satisfactory. I have pointed
out on a number of occasions that the NSC has an important
coordinating role. The PDD-39, as it is drafted, specifically
provides that it does not mean that the NSC can direct action
with respect to domestic law enforcement. But what I have found
is that they are just exactly that--a good coordinator. They
have not directed action. They have faithfully communicated my
position to the President of the United States when I am in the
minority, and I have felt that it has been a good working
relationship with proper deference to the fact that the law
enforcement agency should be responsible for domestic law
enforcement and terrorism issues.
Role of National Guard and DOD
Senator Gregg. And the National Guard and the Defense
Department, which is really the biggest part of the equation
out there outside the FBI for domestic issues. Obviously CIA
when we get into international issues, and State. But to what
extent is there a coordinated, comprehensive domestic
preparedness effort that ties in the National Guard and Defense
Department?
Ms. Reno. I think we have much to do on that. Under the
program announced by Secretary Cohen, the Department of Defense
has just established the Consequence Management Program
Integration Office. That office will oversee the integration of
both National Guard and Reserve elements into overall agency
weapons of mass destruction preparedness programs.
Part of the effort is the establishment of 10 rapid
assessment and initial detection elements. As Secretary Cohen
has said, it will be dedicated solely to assisting local
civilian authorities in the event of a chemical or biological
attack. In other words, their main focus is consequence
management, and for that reason they will be aligned with 10
FEMA regions to provide a more flexible and immediate
capability to support a State's response.
In addition to that, I understand that the DOD initiative
also provides for additional training of existing reserves so
they will be better able to assist at home. We need to have
further conversations with the Department of Defense, and as I
indicated, we are having regular meetings with them now, and
this has already been identified as one of the areas that we
should address.
And we need to look at what is happening in the field with
the initiatives that have been undertaken in the field to see
what we can do to improve that coordination.
Domestic preparedness program
Senator Gregg. When I went over there and got briefed by
those folks, they talked about the fact that they have targeted
the first, the top, I think, 120 cities in the country to bring
them up to speed, bringing their fire departments and police
departments up to speed in their capacity to respond to a
weapons of mass destruction attack.
Now, obviously that should be coordinated with the Justice
Department and the FBI. To what extent is it coordinated with
the FBI, this actual education and structuring of the response
on the ground by the community leadership, which is then
followed up by the FBI and FEMA and the first response teams
coming in from wherever they are located?
Mr. Freeh. With respect to not only the designation of the
120 cities, but the carrying out of the first response
training, the FBI has been a participant, a full partner
participant in the planning and is now taking it to the
training and implementation stage.
We hope that all of the 120 cities will receive that
training over the next 18 months to 2-year period. And although
the authorization and appropriation is a DOD funding, we have
been working very closely with them and are satisfied that that
part of the responsibility is being implemented in a way that
will not only give them the technical training, but the liaison
to the Federal counterparts which would be triggered in the
event of an emergency.
Senator Gregg. I am going to have to go vote. I apologize.
I will be back.
[A brief recess was taken.]
DOD-Justice coordination
Senator Gregg. I apologize for the delay.
On the issue of the National Guard and what DOD is doing, I
recognize that you are trying to coordinate with the Defense
Department, and I know it is preliminary and everybody is going
off and trying to do their own thing. What the Defense
Department is doing is excellent. I respect what they have
attempted to do, especially with the National Guard and with
the education, in bringing their various communities up to
speed. Is there anything further we could do to make sure this
was a little more coherent exercise so that Justice knows what
Defense is doing, and vice versa?
Ms. Reno. What I have asked is that we take the initiatives
that have already been pursued in the first of the 120 cities,
and that we analyze those--I think they have been analyzed in
after action reports, but I have not received those--to see
what the problems were, and what we can do to organize better.
Some of these initiatives, and correct me if I am wrong, my
people in the back, have been done, and I understand that they
have been carried out very efficiently and effectively. But
there has not been a coordination through to the Department of
Justice that I am aware of, up to the highest levels that would
involve us all.
Senator Gregg. So how do we get that?
Ms. Reno. Well, I think we are going to get that now. And
then I think we have got to work with the Defense Department,
who has committed, and Deputy Secretary Hamre has committed, to
participating in the National Infrastructure Protection Center.
That should be resolved very quickly. There will be a presence
there, and I think that will be the place that so many of these
issues can be ultimately resolved.
At the same time, as I mentioned, this is one of the
highest priorities in the table of issues that we have
identified for discussion with our meetings with the Defense
Department. So I think these issues will be addressed in short
order.
Status of title V exemption
Senator Gregg. Well, let us also make sure we have the
National Guard at the table, because I think their
responsibility here is going to grow exponentially, because
they are a very logical resource, an underutilized resource.
And I know as a former Governor that they would be an extremely
appropriate agency to turn to, as a Governor, to try to be the
coordinating agency within a State.
Now, on the issue of attacks against the infrastructure,
you have the CITAC effort. You have a number of efforts going
forward to try to coordinate. The Attorney General mentioned
that you folks needed access to better equipment. Obviously, if
you need some legislative language to do that let us know.
You also need personnel. How are we doing on the title V
issue with the OMB? Have we got that straightened out yet, so
we can actually hire people who are capable of doing that
stuff?
Mr. Freeh. Senator, we are working with OMB and OPM very
intensely to get to them what they have required, which is a
paper which addresses recruitment and retention issues, as well
as the authority, which the Congress has now given us, to hire
critical employees in key areas without the restriction of
title V.
I have given our people, and we are working in close
conjunction with the Department's personnel people, within a
very short timeframe, to get the plan up to the requirements
and we think the expectations of the OPM and OMB people.
At that point we will expect them to approve it, and then
we can move forward, and begin these hires.
Senator Gregg. I appreciate that, and this is not directed
at you, but the Congress has been pretty specific on saying
that we want you to have this flexibility. I find it
unconscionable that OMB is standing in the way of all sorts of
efforts in the area of detecting criminal activity in this
country, but specifically the terrorist threat by their
unwillingness to move expeditiously on this issue. That is an
editorial comment.
Ms. Reno. Mr. Chairman, can I just make sure there is no
misunderstanding about that. We owe OMB something.
Senator Gregg. Yes; but they owe the Congress something,
too, which is action.
Ms. Reno. Well, it is our step to be taken, and we are
pursuing it as vigorously as possible, and in my discussions
with OMB I think we will find a receptive ear.
Infrastructure protection
Senator Gregg. OK. Let us hope so.
Now, on these attacks on the infrastructure that come
through technology activity, to what extent do you perceive
these to be internationally driven, and, second, to what extent
are they driven by Government-sponsored international activity?
Mr. Freeh. Many of them, in fact, most of the ones that
have been publicized, quite apparently, have been individual
actors. In many cases, juveniles, even though the juveniles
resided outside the United States.
We are aware of, and we do have information with respect to
planning, at least planning operations by foreign
counterterrorism services, as well as external services, to
attack infrastructure targets. We have gotten that information
through a series of sources. We have not seen any attacks that
we can identify as foreign state-sponsored attacks, but we do
know that it is an area of expertise that many foreign services
have developed, but not to my knowledge as yet utilized here in
the United States.
Senator Gregg. Do you need significantly more resources in
this area?
Mr. Freeh. I think it is an area where we do need
resources, precisely because the nature of these attacks, as
documented by a recent Department of Defense exercise,
indicates that the subtlety, as well as the transparency, of
the intrusions are very capable of not being detected, and that
the more resources and the more interconnectivity, the ability
to trace back upstream bits and pieces of evidence maybe not
apparent on a piece-by-piece analysis, but in a computerized
type of matrix, make a lot more sense.
So I think it is an area where both the Department of
Defense and criminal justice efforts will require more
resources over the years. And I think our budget contemplates
the initiation of that phase.
Israeli hacker case
Senator Gregg. I notice that there was a recent incident
with Israel, and Israeli, not Israel--well, Israel, too, in a
hacker attacking an American Government agency. It did not seem
to me that the Government of Israel was very cooperative in
allowing us to handle that individual from a standpoint of law
enforcement. What is your reaction?
Mr. Freeh. From a law enforcement point of view, we did get
very quick access to the information, as well as the interviews
which were conducted in Israel. Our legat in Tel Aviv
immediately made contact with his counterparts.
I think from an investigative point of view, not maybe a--
--
Senator Gregg. I am talking about a prosecutorial point of
view.
Mr. Freeh. Well, with respect to extradition, those are
issues which have been problems not only in Israel but in many
other countries.
But in terms of access to the information and quick facts
relating to the methodology of the attack, the Israelis were
very forthcoming with us.
Ms. Reno. One of the areas that we are focused on, and we
had an excellent meeting beginning with the P-8 countries in
December, is we are much further advanced than most other
countries in the development of information technology, and in
the reliance on it in our infrastructure.
But the other major industrial countries are right behind
us. And one of the things that is clear and that we have
committed to try to do is to recognize that locating the
intruder is one of the more difficult issues. It requires for
us to really be effective 7 days a week and have the round-the-
clock ability and capacity to respond. And so we are trying to
move in that direction. It requires an ability to locate, and
we are trying to move in that direction.
We are looking at the development of common statutes. Now
that is just the major industrial countries. One of the things
that we have learned with respect to this whole issue is that a
country that is not industrially advanced can be the source of
an intrusion from some very bright young person that can cause
us fits. And so we need to develop the capacity worldwide.
The second point is one that Director Freeh alluded to, and
one that I have concentrated on a great deal during my time as
Attorney General. That is, if we are going to build a
hemisphere and a world of trust, then we are going to have to
trust each other to extradite nationals and to let the crime be
tried and prosecuted where the crime was committed. That is a
slow process, but we are making some progress, not enough.
International cybercrime
Senator Gregg. Well, do we need a new international
convention of some sort to address the issue of cybercrime? I
mean, should there be an international symposium of some sort
on this?
Ms. Reno. As I mentioned in my prepared remarks, we are
spending a great deal of time with the P-8 countries, with the
Council of Europe, and with the OECD in developing just this. I
do not think we are to the point yet where we could develop an
international convention, but this is certainly what we should
be moving toward.
Senator Gregg. How high is this on the agenda of the White
House, when they meet with the G-7, or they meet with the ASEAN
countries? Does this type of topic ever come up? Is it ever put
on their agenda as an item?
Ms. Reno. It has been very much on their agenda, as I
understand it. I have not been there. But the meeting of the
ministers of justice, or the ministers of interior, my
counterparts, this past December was as a direct result of the
priorities established by the leaders of the P-8, and I think
reflects their commitment to this issue.
I know the President is very sensitive to this issue. The
President's Commission on Critical Infrastructure Protection is
a clear example of that, and I think he is, I have felt that he
is very supportive in this effort.
Senator Gregg. Should we have a freestanding operation
under the Justice Department somewhere that specifically
addresses this type of crime?
Ms. Reno. I would like Director Freeh to comment as well,
but one of the problems that you face is that you do not know
what it is going to be. When you see it, you do not know where
it is coming from or who it is. It may turn out to be a
domestic juvenile hacker. It may turn out to be a foreign
power. It may turn out to be a terrorist. We do not know coming
into it, but we have got to have the flexibility to move on to
a different stage of investigation if it should be determined
to be an act of a foreign power, or if it should be determined
to be a terrorist who is systematically taking down the
structures around the country.
This is the reason it is so important, and the initiatives
undertaken by the Department of Defense in conjunction with the
Department, eligible receiver, and our initiatives with respect
to the recent intrusion that you referred to have been so
important.
The National Infrastructure Protection Center, I think,
will be the ideal place to focus responsibility because if you
leave it just as a cyber issue, you will not be able to fully
coordinate the issue when it is both a cyber attack and a
physical attack.
And the way the FBI has set up that structure with this
Counterterrorism Center immediately available to the National
Infrastructure Protection Center I think provides the ideal
coordination with representation. I said 19 on the
Counterterrorism Center, but it is 18 other agencies
represented in the Counterterrorism Center.
If we can build the same capacity in the National
Infrastructure Protection Center, if we can involve the private
sector and State and locals, we will have a system there both
on the terrorist side, the physical terrorism side, and the
cyber side that can be fully coordinated through the FBI's
SIOC, if there is a situation which brings in both physical
terrorism and the cyberterrorism together.
Senator Gregg. Did you want to expand on that?
Mr. Freeh. Yes; I think we are really at the beginning of
what will be seen ultimately as a revolution with respect to
the methodologies by which criminals and terrorists and spies
commit crimes and the ability of the Government, particularly
the Department of Justice, to respond to that.
I think the advent of computers, networks of information,
infrastructures, really does represent a revolution in terms of
what we are charged with combating. I think it is a little bit
akin to the use of the automobile.
The advent of the automobile in the early 1930's, allowing
criminals to commit crimes and to escape and to get access to
new areas to commit crimes really caused a change, a graphic
change in the tools, resources, and authorities required by
Federal agencies to respond to that, as well as the State and
locals.
So I think going back to your question, you will see very
shortly the establishment of new components, particularly in
the Department of Justice. And as the Attorney General
described it, the NIPC is exactly that component which is
responsible for criminal investigation, for early warning, for
research, for State and local training, and to take both the
counterterrorism as well as the criminal aspects of this
technology and put it where it belongs, which is in the
operational capacity of the Department of Justice.
Department of Defense and national security reasons require
other capability on that level. But those two have to be
connected, and I think the NIPC is the first attempt to do
that. But you will see, I think, increasingly in this
Department of Justice, in the FBI, and in your State and local
law enforcement agencies, whole new components which will be
responsible for dealing with a whole new genre of crime.
Technology exploitation
Senator Gregg. As you say, this is a revolutionary event.
As the technology moves, so must you. Is there a review system
that you feel comfortable with that is going to allow you to
anticipate the technology threats and respond to them, rather
than having them occur before you know they exist?
Mr. Freeh. Yes, exactly. The research capacity and the
resources that you and the committee have given to us will be a
first step in that direction. We will report to you by the end
of the year the contours of that research and the objectives as
well as the anticipated benefits.
But the precise idea behind that, which I thought was a
great idea--was not mine, by the way--was to begin looking at
the technology in terms of prevention and acquisition of
techniques and equipment to prevent and defeat attacks, as
opposed to just solving them and reacting to them.
So I think that is the first investment in that, and I
think it is a wise one. I think there will be much more
required, significantly more, as the type of crime that we deal
with grows quickly.
Senator Gregg. How close are we to----
Ms. Reno. Could I add something there, because I think it
is vitally important. With the information infrastructure as it
is in this country today, with so much of the private sector
dependent on it, banking and finance, energy, utilities,
transportation, it becomes absolutely critical that law
enforcement form a partnership with the private sector unlike
perhaps anything that we have seen before, because it is all
interrelated. And one of the things that we have got to
understand is the interconnectivity and how one industry or
sector can affect another, and how we can engage in
preventative efforts.
I think there is, to some extent, a distrust between the
private sector and law enforcement. That distrust is being
broken down by experts from both sides coming together. I had a
wonderful opportunity about 3 weeks ago to speak to scientists
and academics and private sector representatives at the
Lawrence Livermore National Laboratories when I announced the
National Infrastructure Protection Center.
It is so important that we build on that knowledge. They
can give us new ideas about evolving equipment, and evolving
technology that can be vital to our efforts. They can give us
information concerning intrusions that are absolutely vital.
So the steps that we are also undertaking are reaching out,
and the center, as the FBI has designed it, provides for an
outreach component. They are already engaged in that. It is
also important that we reach out to the State and locals in the
same way. And I think not just the expertise, not just the
equipment, but the outreach will be vital, and the partnership
that is developed from that outreach will be vital to our
success.
Encryption
Senator Gregg. How close are we to reaching an agreement on
encryption?
Mr. Freeh. I think we have a lot of work to do. There is
still a----
Senator Gregg. But without an agreement on encryption you
basically do not have a----
Mr. Freeh. Without an ability to deal with robust
encryption with a court order, a lot of these counterterrorism
efforts, a lot of our drug efforts will be defeated. There is
no question about that.
Ms. Reno. My sense is that it is very important for law
enforcement, for the Department of Justice, to pursue these
discussions with the private sector, to build trust, to build
understanding.
We are all in this together, and from my conversations with
the private sector, they are saying, recognize that we are in
this together, and let us see how we can work together. Do not
tell us what to do. Describe the problem to us, and you may
find that the private sector may have more than one solution to
the problem that can be more effective for you.
So it is absolutely critical. Nothing will work unless we
solve this encryption issue. But I think if we just keep
working very hard we will make some real progress in these next
60 days.
Senator Gregg. I think people need to understand that if we
do not solve the encryption issue, the country is basically
open to all sorts of threats--terrorist threat, and obviously
drug dealers.
Ms. Reno. Since this is a forum where people may hear and
say, well, just what does encryption mean, I think it is
important for them to understand what we do today.
Today to get a drug dealer, Director Freeh's agents can
prepare a wiretap application that is very detailed, it
requires probable cause to take it to the court, and the court
approves it. It is clearly authorized and sustained under the
law. We do that in our fight against drug dealers and our fight
against terrorists. What the issues with respect to encryption
are, is not expanding what the FBI can do, but only adapting to
modern technology, which encrypts, and very strong encryption
that cannot be broken, messages, stored data, and even online
access.
So we are not asking for additional authority to surveil.
We are asking that our authority be adapted to modern
technology.
Anthrax threat in Las Vegas
Senator Gregg. Absolutely. Now, on the anthrax threat in
Las Vegas, what did you learn from that that you did not know?
And what should we be doing as a result of that?
Mr. Freeh. Of course, one thing was apparent, which was a
positive event, and that is the fact that the FBI office in Las
Vegas, in conjunction with the other Federal agencies,
particularly with FEMA, with the Department of Defense, and
with the State and local agencies, including the emergency and
rescue operations, and the mayor's office, there was very, very
strong prior cooperative efforts--not particularly in an
exercise involving anthrax--but in exercises involving crisis
management.
The SAC had received that training. The State and locals
were aware of the system that would be triggered, and was
triggered, with the FBI taking the lead in conjunction with
FEMA, and using Department of Defense elements who facilitated
the transportation and analysis back here in Washington.
We are in the midst of doing a postincident review to see
what we could have done better in that regard. We are, however,
pleased with the result, in terms of the response time. The
warning system was triggered, we think successfully, and it
took relatively short time to resolve a very difficult and
complex scientific analysis.
We want to do that quicker in the future. We want to look
at field testing equipment that could be safely and
successfully used to do a more positive and earlier
identification. Although that technology is not where it needs
to be, and is not available now, it probably will be in a short
time, again, as a result of these efforts and resources that
you have given us.
But the coordination was very well done, and that is not my
own view. It is the view of the State and local participants,
the other Federal agencies. And if we had a blueprint for
working together in that kind of incident, it certainly was
evidenced there.
International coordination
Senator Gregg. There was a comment made in a GAO report
that came out dealing with terrorism, if I can find it. It
seemed to imply that we needed to do more in the area of
international coordination. Unfortunately, I cannot find it
immediately. But can you just give us your thoughts on where we
stand in coordinating our overseas efforts with the State
Department, the CIA, and with various agencies, in trying to
anticipate terrorism threats?
Mr. Freeh. With respect to the CIA, and I think I have said
this before, Mr. Chairman, even in this committee, the
relationships between the Bureau and the CIA, not just in the
counterterrorism area, but in all of our across the board
responsibilities could not in my view be stronger. And that is
a testament to George Tenet's leadership, to John Deutsch's
leadership. The Kasi operation, although a fugitive operation,
really put into play the critical elements that are required
for our successful operation together overseas, which is the
headquarters component, and then the foreign, on-the-ground,
coordination.
The State Department was also a key player in that. Under
the PDD-39, the State Department is the lead coordinator for
acts of terrorism outside the United States. We have assembled,
using them in Peru and in some other occasion, the foreign
emergency support team [FEST], the foreign deployed team of
American experts, which represents all of the responsible and
expert agencies to deploy physically and immediately in
response to a counterterrorism attack.
The level of expertise and awareness by the Ambassadors
around the world with respect to counterterrorism has been in
my view enhanced, and better coordinated with our legat
program, the people that we have overseas.
So I think the overall coordination overseas, particularly
with the agency, is good. We are talking about doing with the
State Department what we have done with the CIA, which is
exchanging officers or deputies in key areas of our
counterterrorism responsibilities and international operations.
So we can have that kind of seamlessness. We have an FBI agent
who is a deputy in the counterterrorism center. We have a CIA
officer who is a deputy in our international terrorism section.
We found that that kind of exchange probably does more than
anything else to insure smooth reactions and cooperative
efforts. So in all, I would report very positively on those
endeavors.
Ms. Reno. I would raise one additional point which I think
is important. I think we have got to also continue our efforts
to develop law enforcement capacity in the emerging democracies
in those nations that are coming into democracies.
What the FBI has done with Budapest I think has just been
excellent. I have had a chance to visit there. But anytime a
minister of justice from the Middle European countries comes to
visit, it is just a very eloquent, almost plaintiff plea for
law enforcement training, for institution building, for courts,
for prosecutor training. You realize how fragile democracy is,
and how fortunate we are.
I have had the opportunity to talk with the State
Department, and I am hopeful that we can build capacity around
the world with our allies, and with those nations that work
with us, so that they can respond as well.
I mean, there are different grades and different capacities
now, and the more we can build that capacity for those first
responders, the more it will be helpful, whether it be in drug
enforcement, or anything else.
Pan Am bombing
Senator Gregg. Do we still presume that the two people
responsible for the Pan Am, Lockerbie bombing are in Libya?
Mr. Freeh. Yes, sir; that is our current information. As
you know, there are two defendants who are on our top 10 list,
and efforts are consistently and intensely being followed.
Senator Gregg. Has there been any progress in those
efforts?
Mr. Freeh. No; there are discussions now which have been
publicly reported about agreement on a venue for the trial in
exchange for the delivery of the two defendants. But those have
not concluded in any regard.
Senator Gregg. But we are still pursuing it.
Mr. Freeh. Yes, sir; we are.
Improving response to terrorism
Senator Gregg. Is there anything you need from us as a
Congress to make your ability to respond to the issues of
terrorism which we have gone over here, or any other issues
relative to that question more effective?
Mr. Freeh. Senator, we would just note a couple of things,
and you have really noted many of them in your statements and
your questions. Certainly the continued support for these
initiatives at this particular time is critical.
As I said, I think we have really turned the corner on our
capacity and abilities, and the follow up which will occur in
the next couple of years, based on this type of strong support
by you and your colleagues is obviously critical.
We need assistance on the encryption issue. We are trying
to work that, as the Attorney General said, in a consensus
manner with the industry. We hope that that works. We hope that
we are not required to come back and seek legislation.
There are some other aspects of what we do, from a
technical point of view, and we can certainly provide those to
you and the committee in a separate submission. But minor
amendments to some of the current statutory authority, could be
done, I think, with little trouble.
For instance, the addition of terrorist offenses to the
Federal racketeering statute would certainly be a very prudent
and appropriate use of a statute, which tends to accumulate and
predicate offenses when there is an overriding enterprise
dedicated to committing serious harm, as anybody involved in
terrorism certainly would be.
Authorizing the interception of communications for certain
terrorism-related offenses. In other words, expanding the title
III statute to include as predicates some of the terrorist
offenses. Giving us the ability to do multipoint wiretaps. Not
being able to choose between techniques and coverage, if the
terrorist decides to use a phone or instead talk in an area
where we have probable cause to intercept conversations.
Authorizing the use of pen registers to trap and trace
devices in foreign intelligence and international terrorism
investigations. We do not quite yet have that authority,
although we have asked for it for several years.
Providing temporary emergency wiretap and pen register
authority for terrorist crimes. We can do that now for most
serious criminal offenses. We cannot do it for the terrorism
crimes.
Extending the statute of limitation provision for the
National Firearms Act would be one slight amendment which would
help us in these kinds of cases. Modifying the statutory
exclusionary rule under the wiretap statute to exclude from
coverage those situations where good faith exists.
Clarifying the removal ground of engaging in terrorist
activity in order to permit full and effective utilization of
the alien terrorist removal court. And I think a number of
other provisions. We would be happy to submit those to the
committee in writing, and follow up with type of documentation
or hearing that you would think necessary and appropriate.
Senator Gregg. Thank you. We would like to get those.
We probably would not be able to stick them all in our bill
or we would be shot by the chairman of the Judiciary Committee,
but we can put as many of them in as the Judiciary Committee
can tolerate.
We are joined by the chairman of the Intelligence
Committee, and it is an honor to have him here. I will turn to
you.
prepared statement of Senator Shelby
Senator Shelby. Mr. Chairman, I appreciate you inviting me
over here today, but I have a written statement I would like to
be made part of the record.
Senator Gregg. Of course.
[The statement follows:]
Prepared Statement of Senator Richard C. Shelby
I would like to thank Chairman Gregg and the members of the
Subcommittee for allowing me to sit in on today's hearing and
commend Chairman Gregg for convening a hearing on this
important matter.
We all learned from the World Trade Center bombing and the
Murrah building bombing, among other incidents, that terrorist
acts can occur on American soil. While these acts caused great
damage and loss of life, they are only examples of the impact
of conventional explosive devices. I am concerned that we
recognize the full range of weaponry available to terrorist
actors.
As Chairman of the Select Committee on Intelligence, I am
currently holding a series of hearings in conjunction with
Senator Kyl, the Chairman of the Terrorism Subcommittee of the
Judiciary Committee regarding the full spectrum of terrorist
threats--from international groups and state sponsors of
terrorism, to domestic terrorists producing homegrown poisons.
So far we have learned that there is a significant capability
for terrorist groups to use destructive devices involving
chemical and biological agents. I intend to continue to
investigate the various terrorist threats and hold future
hearings on these matters.
However, as we develop an understanding of the existing
threat we must also take action--the United States must prepare
for any of the many kinds of terrorist acts that could occur. I
commend Chairman Stevens and Subcommittee Chairman Gregg for
instituting the process to develop a national preparedness plan
and I am pleased by the hard work of the Attorney General and
the men and women of the Justice Department as they design and
work toward implementation of this plan.
Specifically, I am encouraged by the conceptual discussions
regarding the creation of an Executive Office for Domestic
Preparedness within the Justice Department. I hope this
proposed office quickly becomes a reality as I believe that it
will facilitate the creation of an effective and comprehensive
national counterterrorism strategy.
I recognize that we are only in the developmental phase of
this process. We have much work ahead of us. It is no small
feat to develop a national response plan that integrates local,
state, and federal assets in the counterterrorism effort. As I
stated earlier, as Chairman of the Select Committee on
Intelligence, I intend to continue to hold hearings to
investigate the nature of the terrorist threat which I believe
will produce findings useful to the development of a national
counterterrorism strategy.
Again, Chairman Gregg and members of the Subcommittee, I
appreciate the opportunity to participate in today's hearing
and look forward to hearing the testimony of the Attorney
General and FBI Director Freeh.
Senator Shelby. I think the hearing that you are having is
very appropriate. Timeliness is everything. I have worked with
the Attorney General, and will continue to work with her, and
also Judge Freeh of the FBI, in dealing with terrorism in every
form.
We have focused on a good bit of this, in the Intelligence
Committee, and as they both know we have some upcoming hearings
when we get back--one closed and one open, because this is a
real threat to America. And how we respond to it, and what we
do with it will depend a lot on what we do here, what you do on
policy, what we do to help you, I believe.
But I want to thank you, Attorney General Reno. Your
leadership as the Attorney General of the United States has
been real focused here. Judge Freeh, you have been outspoken on
this on many occasions before the Intelligence Committee, the
Judiciary Committee, the Appropriations Committee.
It is something that is not going to go away, and we cannot
ever, ever look the other way on, is it?
Mr. Freeh. No, sir.
Senator Shelby. So thank you, Mr. Chairman.
Mr. Freeh. Thank you, Mr. Chairman.
Senator Gregg. Thank you, Senator Shelby. You see, like you
have turf issues in the administration, we have turf issues
here, but we get over them by just having the chairman of the
Intelligence Committee stop by so we get it all straightened
out. I very much appreciate that.
Senator Shelby. I do not know if we have straightened out
anything. But I think that working together, and with the
leadership that the Attorney General brings to the table, and
the Director of the FBI brings to the table, we will make a
significant difference, Mr. Chairman.
Senator Gregg. Well, that is absolutely key. Cooperation
and coordination.
Additional committee questions
And so I thank you both for your time. You have been very
courteous, giving us over a 1\1/2\ hours here, and we very much
appreciate it.
[The following questions were not asked at the hearing, but
were submitted to the Department for response subsequent to the
hearing:]
Questions Submitted by Senator Pete V. Domenici
u.s. attorneys
Question. Attorney General Reno, I regret that I was unable to
attend the hearing on February 24th when you gave testimony on the
President's overall budget request for the Department of Justice for
fiscal year 1999. The following week when the heads of the Immigration
and Naturalization Service (INS), Federal Bureau of Investigation
(FBI), and Drug Enforcement Administration (DEA) were before the
Subcommittee, we discussed the Administration's proposal to provide
additional law enforcement resources to Indian country. I indicated
that I would like to submit a question to you regarding the activities
of the United States Attorneys on Indian reservations. I would
appreciate it if you would accept that question now.
Could you provide the Committee with an idea of the current role
the United States Attorneys play in assisting Indian tribes and pueblos
in their law enforcement efforts?
Answer. The United States Attorneys provide assistance and training
to tribal governments to enhance their ability to address violent crime
and juvenile crime at the tribal level. Federal law enforcement is the
only avenue of protection for the victims of these crimes. United
States Attorneys in Indian Country are effectively district attorneys
for the citizens in their districts; they have the sole responsibility
for prosecuting all major crimes committed by or against Indians on the
reservations in their districts.
Question. Has the overall level of activity of the United States
Attorneys on Indian reservations across the nation increased over the
past one to two years? If so, in what specific areas have United States
Attorneys focused their resources in Indian Country?
Answer. The primary focus has been on violent crimes committed in
Indian Country. Case filings have increased from 330 in 1993 to 531 in
1997, an increase of nearly two-thirds. These cases include all types
of violent crimes from felony basic assaults and murder to child sexual
abuse. However, many instances of violent crime go unreported as there
is limited investigative agency presence. The Administration's proposal
addresses this need and adds a concomitant number of prosecutors
required to direct investigations and prosecute acts of violence.
Question. The fiscal year 1999 budget request includes $3.47
million and 35 positions (26 attorneys) to focus on reducing violent
crime, including gang-related and juvenile crime, on Indian
reservations. How would these additional resources be specifically
utilized if provided by the Congress?
Answer. Our strategies, if these resources were provided, include:
--Fully implementing the Major Crimes Act, the Indian Country Crimes
Act, the Indian Child Protection Act, the Violent Crime Control
and Law Enforcement Act of 1994, the Anti-Terrorism Act of
1996, and the Anti-Gang and Youth Violence Act of 1997;
--Supporting comprehensive strategies to target and fight overall
violent crime, violent gangs, and youth crime through the
establishment and continuation of multi-agency and federal and
tribal task forces, such as the Safe Trails Initiatives and
Weed and Seed designations in Indian Country;
--Continuing the United States Attorneys' support of the Department
of Justice's Anti-Violent Crime Initiative;
--Providing additional assistance and training to tribal governments
to enhance their ability to address violent crime and juvenile
crime at the tribal level; and
--Assisting tribes in developing and implementing Child Protection
Teams and Multi-Disciplinary teams to address the serious
problem of child physical and sexual abuse.
Question. I am under the impression that in New Mexico at least
there is a recognition by the Department and the United States
Attorneys that more must be done to assist Indian tribes and pueblos
with law enforcement efforts? Has the Department recognized this need?
Is that recognition adequately reflected in the fiscal year 1999 budget
request?
Answer. The Department and the Administration recognize the
critical need to assist Indian tribes with law enforcement needs. After
the Presidential initiative was issued, an Executive Committee
consisting of leaders from the federal and tribal governments examined
the law enforcement problems and determined that a substantial infusion
of resources into Indian Country law enforcement is essential. At the
request of the Executive Committee, United States Attorneys led an
unprecedented series of tribal consultations on Indian Country law
enforcement across the country during September and October 1997. A
report was presented to the Attorney General and the Secretary of the
Interior in October 1997 providing options for improvement in public
safety and criminal justice in Indian Country. The needs of the New
Mexico Office were included as were all offices that have exclusive
federal jurisdiction in Indian Country.
counterterrorism technology r&d
Question. With the leadership of our distinguished Chairman,
Senator Gregg, this Subcommittee began a significant counterterrorism
initiative in the 1997 bill. These initiatives were greatly expanded
for fiscal year 1998.
The 1998 Commerce, Justice, State, and the Judiciary Appropriations
bill established a Counterterrorism Fund, providing $52.7 million for
several initiatives. The Fund included $11.5 million to undertake a
counterterrorism technology research and development program. The
Subcommittee provided $1 million for the Attorney General, in
consultation with other federal agencies, to develop a five-year,
inter-departmental counterterrorism and technology crime plan.
Ms. Reno, can you provide the Subcommittee with a status report on
the development of this counterterrorism and technology crime plan?
Answer. The Conference Committee Report accompanying the 1998
Justice Appropriations Act requires the Department of Justice to
develop an interdepartmental Counterterrorism and Technology Five Year
Plan by December 31, 1998. In response to this Congressional directive,
representatives from the Department and the FBI developed an ambitious
13-page outline of issues to be addressed in the final Five Year Plan.
This outline has been circulated to other agencies with key
counterterrorism responsibilities and their comments incorporated into
the outline.
A projected work plan has also been developed to assist the
Department in meeting the deadline of December 31, 1998 for submission
of the final Plan to Congress. In order to ensure the maximum amount of
interdepartmental participation in the development of the Five Year
Plan, a Core Agency Group, consisting of high ranking representatives
of 15 other federal agencies which have various counterterrorism
responsibilities within the government, has been established to help
develop the Plan. The Core Agency Group had its first meeting on March
5, 1998. Each agency was asked to complete a lengthy questionnaire
soliciting information about current and anticipated programs,
training, research and development projects, and projected resource
needs in order to fight the perceived terrorist threat over the next
five years. Responses to the questionnaire will form the basis of a
discussion paper for use by specialized working groups to be
constituted from experts identified within the Core Agencies.
The working groups will meet during the spring to address major
areas of concern, such as crisis management, consequence management,
cyber-terrorism, information sharing and intelligence, critical
technologies/research and development. The working group discussions
and recommendations will form the basis for developing an interim Plan
that will be circulated to state and local officials, academic experts
and experts in the private sector for review and discussion during the
summer. The drafting of the final Five Year Plan will therefore reflect
consultation with the major federal agency participants in efforts to
combat terrorism as well as consultation with affected state and local
representatives, and experts from academia and the private sector. As a
result, the Department expects that the final Plan will be a truly
comprehensive one.
Question. Has the Department submitted a prospectus with estimated
time lines and major milestones for completion of this plan to the
Committees as was requested by February 1?
Answer. The Department has submitted to the Committees the 13-page
outline as well as an organizational chart and a chart of key dates and
milestones for completion of specific phases of the project through
submission of the Five Year Plan to the Committees.
Question. Which specific federal agencies are involved in this
interagency effort?
Answer. We have sought input from more than 20 federal agencies and
components in the development of the Plan. These agencies all have
counterterrorism responsibilities as part of their mission and have
identifiable programs and activities in which they are engaged in order
to carry out those responsibilities. We have asked each of these
agencies to reach down to all their relevant components in responding
to a survey we distributed as our primary information-gathering tool.
The responses we have received thus far indicate that these agencies
are doing just that: they are providing candid and comprehensive
responses. The agencies involved include those with which Congress
directed me to consult in the development of the Five Year Plan: the
Departments of Defense, State and the Treasury, and the Central
Intelligence Agency (CIA) and FBI. In addition, I have sought the
involvement of additional federal agencies and components: the
Departments of Energy (DOE), Commerce, Transportation, and Interior,
the National Security Agency, the Public Health Service (PHS), Federal
Emergency Management Agency (FEMA), the United States Information
Agency, the Nuclear Regulatory Commission, the Environmental Protection
Agency (EPA), the White House Office of Science and Technology, the
General Services Administration, and the United States Postal Service.
Throughout the development of the Plan, we will consult with the Office
of Management and Budget (OMB) as well as the National Security Council
(NSC), to ensure that proposals being considered for inclusion in the
Five Year Plan comport with other vital budgetary and national security
priorities in the area of counterterrorism.
Question. Do you anticipate consulting with Congress as this plan
is developed?
Would you expect to complete this plan by the end of this calendar
year as directed by the Appropriations Subcommittees?
Answer. The Department recognizes the great interest that Congress
has in the development of the Five Year Plan. Understanding this
interest, the Department has been consulting with members of the
Congressional Subcommittees, as well as members of the staff of each
subcommittee, in creating the outline for the Plan and discussing the
proposed development of the Plan from that outline. The Department
anticipates additional consultation with Congress as the Plan develops
during the next several months at the working group level. The
Department has developed the organizational plan and the work plan with
the expectation that the final Plan will be completed and submitted to
Congress by December 31, 1998. The breadth of the outline, as well as
the directive to create a plan that is truly interdepartmental in
nature, however, demonstrates that the project is an extremely
ambitious one.
The Department is committed to working to complete the Plan and
submit it to Congress by the end of this calendar year; the scope of
the project and the amount of interagency coordination required to
finalize a comprehensive Five Year Plan may make that deadline a
challenging one to meet. We will advise the Subcommittees, as the
project progresses during the next several months and as the various
expert working groups meet to develop their recommendations, as to any
necessary adjustments to the present timetable.
Question. How much is requested in the President's fiscal year 1999
budget for the Department of Justice to continue counterterrorism
initiatives?
How does this compare to the funding provided for these programs in
fiscal year 1998? Could you provide these estimates by agency and
program?
Answer. The Department's fiscal year 1998 budget includes $652
million related to counterterrorism/antiterrorism efforts, including
prevention, investigation, prosecution, detention, and incarceration.
This level reflects recent counterterrorism enhancements received in
1995, 1996, 1997, and 1998, as well as prorated segments of agency
program resources related to, or supporting, counterterrorism
activities. In 1999, the Department's counterterrorism-related
resources total $666 million. The chart below breaks out these resource
levels, by agency and by function.
In addition, the following identifies the $60.3 million in specific
agency program enhancements requested in the 1999 budget related to
counterterrorism and threats to the nation's critical infrastructure/
Cybercrime, as well as the current 1998 funding for these programs:
Counterterrorism/Cybercrime Initiative
The United States relies heavily upon its interconnected
telecommunications and automated information systems for basic services
such as energy, banking/finance, transportation, and defense. Any
broadly successful effort by an individual, group, or country to
disrupt, destroy, or deny access to the National Information
Infrastructure (NII) could result in serious economic, defense,
national security consequences. This threat is heightened by the
increasing number of incidents of computer intrusions by individuals
who, although possessing limited resources, have demonstrated the
capability to extensively compromise sensitive computer and
telecommunications networks.
1999 COUNTERTERRORISM AND CYBERCRIME INITIATIVE BY COMPONENT \1\
----------------------------------------------------------------------------------------------------------------
Agents/
Positions Attorneys Amount
----------------------------------------------------------------------------------------------------------------
Federal Bureau of Investigation (FBI)........................... 133 (75) $22,019,000
Criminal Division (CRM)......................................... 17 (13) 1,552,000
Attorney General's Counterterrorism Fund (CTF).................. .............. .............. 36,703,000
-----------------------------------------------
Total..................................................... 150 (88) 60,274,000
----------------------------------------------------------------------------------------------------------------
\1\ Excludes requested United States Attorney resources of 36 positions and $3,630,000, associated with the
prosecution of persons responsible for the commission of criminal offenses involving the use of computers and
computer systems.
CURRENT 1998 COMPONENT CYBERCRIME PROGRAM RESOURCES
----------------------------------------------------------------------------------------------------------------
Agents/
Positions Attorneys Amount
----------------------------------------------------------------------------------------------------------------
Federal Bureau of Investigation (FBI)........................... 167 (99) $23,909,000
Criminal Division (CRM)......................................... 21 (16) 2,345,000
Attorney General's Counterterrorism Fund (CTF) \1\.............. .............. .............. ..............
-----------------------------------------------
Total..................................................... 188 (115) 26,254,000
----------------------------------------------------------------------------------------------------------------
\1\ Of the $52.7 million provided within the CTF in 1998, $20 million is to be used for reimbursing Departmental
components for extraordinary costs incurred in support of efforts to counter, investigate, or prosecute
terrorism, and to restore the operational capabilities of offices destroyed or damaged by terrorist acts. The
remaining $32.7 million in 1998 funds will be used as follows: $1 million to develop a comprehensive
intergovernmental counterterrorism and technology strategy, $10.5 million for counterterrorism research and
development, $16 million for State and local first responder training and equipment, and $5.2 million for
State and local bomb technician training at FBI's Hazardous Devices School.
The Department's 1999 budget includes $60.3 million in additional
funding for counterterrorism/Cybercrime for the following:
Cybercrime and Counterterrorism Investigations.--The FBI's request
includes 124 positions (75 agents) and $11.6 million to establish six
additional Computer Crime Squads in Atlanta, Boston, Charlotte, Miami,
Minneapolis, and Seattle.
Cybercrime/Counterterrorism Coordination, Threat Assessment, and
Early Warning.--The FBI's request includes 9 positions and $10.4
million in additional resources for the National Information Protection
Center (NIPC), formally the Computer Investigations and Infrastructure
Threat Assessment Center. Of this amount, $4.6 million is to conduct
infrastructure vulnerability assessments and $4.3 million is to develop
a comprehensive Early Warning System. In addition, the request includes
funding for training, Computer Crime Squad equipment, and staff to
expand the operations of the Watch and Threat Analysis Unit.
Legal/Technical Challenges.--The Criminal Division's request
includes 17 positions (13 attorneys) and $1.6 million for the Computer
Crime and Intellectual Property Section (CCIPS) to keep pace with the
rapidly changing legal and technological environment associated with
Cybercrime cases. The Criminal Division plays a critical role in the
Federal effort to protect critical infrastructure, secure lawful use of
the Internet, and respond to information warfare. The Division provides
advice to and coordinates Federal efforts with State, local and foreign
governments.
Implementation of the Recommendation of the President's Commission
on Critical Infrastructure Protection.--The Attorney General's
Counterterrorism Fund request includes $36.7 million, including $33.6
million to implement the recommendations of the President's Commission
on Critical Infrastructure Protection, including funding for the
expansion of the NIPC and $3.1 million to ensure the continuance of
essential DOJ/FBI functions during an emergency.
In addition to the requested enhancement, the Counterterrorism Fund
includes $16 million in recurred funding to continue efforts to equip
and train State and local first responders to terrorist incidents.
Question. The FBI has requested $11.6 million and 124 positions
(including 75 agents) to establish new Computer Investigations and
Infrastructure Threat Assessment Squads in six major cities to prevent
computer-related, or ``Cybercrime.'' How does this fit into the
counter-terrorism efforts by the Department?
Answer. The establishment of the Computer Investigations and
Infrastructure Threat Assessment (CITA) squads is due, in part to the
inclusion of the National Information Infrastructure with the FBI's
National Security Threat List, as well as the Presidential Decision
Directive--39, in July 1995. These attacks, which could be carried out
by terrorists, criminals, hackers, or foreign agents, might be directed
against the United States Government or United States corporations,
establishments, or persons and could target physical facilities,
personnel, information, or computer, cable, satellite, or
telecommunications systems. These teams have responsibilities over both
the criminal investigative and the potential national security
implications of computer intrusions.
first responder training
Question. Attorney General Reno, I am concerned about the
Administration's proposal for the Counterterrorism Fund for fiscal year
1999.
The fiscal year 1998 Commerce, State, Justice and the Judiciary
Appropriations bill established a Counterterrorism Fund, providing
$52.76 million for several initiatives. The Fund included $21.2 million
to improve State and Local Response Capabilities in cases of possible
chemical or biological agents or explosive devices. This would be
achieved through the purchase of equipment and gear for first responder
training efforts by experts in the field.
What is the department doing to fully utilize facilities and
expertise in First Responder Training for Weapons of Mass Destruction?
How do you envision this initiative getting some practical results--in
other words, getting training out to the field so that our law
enforcement agencies have the ability to respond to terrorists
incidents if called upon?
Answer. In 1998, Congress provided $21,200,000 in the
Counterterrorism Fund to improve state and local response capabilities
in case of possible chemical or biological agents or explosive devices.
Of this amount, $5,200,000 was provided for the FBI's Hazardous Devices
School at Redstone Arsenal, Hunstville, Alabama. These funds will be
used for the expansion and renovation of the Hazardous Devices School,
which will allow the FBI to double the number of bomb technicians
trained each year for improvised explosives and WMD matters. In
addition, the funding will provide certain items and articles of
equipment for response to improvised explosive devices by bomb squads,
including Percussion Actuated Nonelectric disrupters, robots, and
reference materials.
Congress also provided $16,000,000 in the Counterterrorism Fund for
first responder equipment and training, specifically: (1) $12,000,000
to provide grants for acquisition of terrorism-related equipment for
state and local agencies; (2) $2,000,000 for support operations of the
state and local training center for First Responders at Fort McClellan,
Alabama; and (3) $2,000,000 for operations of a similar training center
at the New Mexico Institute of Mining and Technology. On March 26,
1998, I signed a memorandum delegating responsibility for these
programs to the Assistant Attorney General, Office of Justice Programs
(OJP).
OJP's long history and experience working with state and local
jurisdictions provides the knowledge and infrastructure to effectively
and efficiently administer these programs. OJP will work extensively
with the FBI in curriculum development and determining state and local
requirements for the equipment program. OJP will also coordinate its
efforts with OJP's National Institute of Justice's Office of Science
and Technology and Bureau of Justice Assistance, the Executive Office
of National Security, and other federal agencies as appropriate.
OJP has a long history of working with state and local agencies to
administer and implement grant programs and has established strong,
positive relationships with these jurisdictions. This, combined with
OJP's proven record of designing and implementing anti-terrorism
training for state and local jurisdictions, speaks strongly for OJP's
ability to administer these initiatives and provide first responders
with hands-on training, technical assistance and the field exercises
required to prepare them to meet the challenges of responding to
terrorist acts.
OJP will develop a comprehensive state and local assistance
``umbrella'' that will administer the new equipment program and the
training initiatives at Fort McClellan, Alabama and at the New Mexico
Institute of Mining and Technology, along with OJP's current $5 million
First Responder Training Program for Fire and Emergency Medical
Personnel. This umbrella will provide a focused, responsive, long-term
national capability to execute a comprehensive and highly coordinated
first responder training, test, and exercise program.
OJP's efforts will also include the utilization of a consortium of
universities, research institutions and other facilities that have
resources and expertise critical to the success of any program designed
to assist state and local jurisdictions respond to terrorist acts.
Initially, OJP will coordinate efforts with the several university and
research facilities included in the Conference Report. This will
further ensure that appropriated funds are used in a coordinated and
complementary manner. Further, such a consortium will provide OJP a
means to identify and coordinate resources and expertise that exist at
other universities and institutions across the nation.
OJP's existing grant-making infrastructure will enable it to
effectively and efficiently develop and implement the equipment
acquisition grant program, and will ensure these funds are obligated as
quickly as possible. Such equipment will include protective gear and
detection, decontamination and communications equipment. These
discretionary grants will be jurisdiction-specific and will be awarded
based on guidelines and criteria being developed by OJP in cooperation
with the FBI, which will consider the equipment needs of fire,
emergency medical services, hazardous materials response teams, and law
enforcement. This equipment list is also being coordinated with the
National Fire Academy and the International Association of Fire Chiefs.
OJP will provide necessary technical assistance to the applicant
agencies to ensure that the equipment acquired through this program is
the most appropriate and technologically advanced available. The demand
for first responder equipment is tremendous; there are an estimated
3,000,000 to 5,000,000 first responders working across the Nation.
With respect to the training program under development at Fort
McClellan, OJP is designing an incident management course for fire and
command staff as well as a tactical considerations course for hazardous
materials units and emergency medical personnel. OJP is in the process
of determining what personnel should be trained at the Fort, although
first responder training could be appropriate for state and local law
enforcement, firefighters, emergency medical personnel, public works
personnel, and state and local emergency management employees.
OJP is also working with the New Mexico Institute of Mining and
Technology, which already has a training program in place, to establish
agreements as to training curriculums, trainers and trainee groups.
Question. Is it your intention to develop a comprehensive and
integrated first responder training program that utilizes existing
expertise and resources that are currently available?
Answer. Yes. The Attorney General's decision to delegate to the
Office of Justice Programs (OJP) the responsibility to administer the
first responder training programs at Fort McClellan and the New Mexico
Institute of Mining and Technology was based on OJP's experience in
working with state and local jurisdictions and its existing
infrastructure, which allow it to efficiently implement training and
grant programs. In accepting the responsibility, OJP will coordinate
its national first responder training activities--including curricula
and exercise development--with other federal agencies including the:
FBI, Executive Office of National Security, Department of Defense
(DOD), and FEMA, as well as those universities and national research
facilities with the expertise necessary to provide for a full range of
resources. This collaboration will ensure that our nation's first
responders receive training that is (1) of the highest quality and
utility; (2) non-duplicative; and (3) engineered to provide for the
sustainment of knowledge and lessons learned.
Question. What is the current schedule for the implementation of
the First Responder training program?
Answer. OJP is committed to having the Fort McClellan training
facility operational immediately following the resolution of the
outstanding environmental assessment (EA) that is required by the
National Environmental Policy Act (NEPA). OJP has drafted an
Interagency Agreement (IAA) with the Army Corps of Engineers to assist
us in determining if OJP's planned training activities at Fort
McClellan will pose any significant adverse impact on the environment.
This agreement should be in place soon. Barring any unusual
circumstances, the EA should be complete by June 30, 1998. In the
meantime, OJP is working with the Fort McClellan Reuse and
Redevelopment Authority (FMRRA), and entered into an IAA with them on
May 4, 1998. This IAA will allow FMRRA to begin the pre-implementation
planning activities for OJP such as: refinement of the Program of
Instruction; inventory of existing facilities and equipment;
development of a short-term (18 month) planning strategy and a long-
term use plan; and development of the memorandum of understanding (MOU)
with the Department of the Army for use of specific facilities at Fort
McClellan (classrooms, offices, dormitories, etc). These activities
will be conducted concurrently with the EA.
OJP is also collaborating with the New Mexico Institute of Mining
and Technology (NMI) to develop a first responder training initiative--
similar to the one at Fort McClellan. OJP has had planning meetings
with NMI to discuss NMI's training capabilities and options for how NMI
efforts can support an overall national training approach for first
responders. As a result of these meetings, OJP and NMI have defined a
critical unmet need for NMI to focus its efforts on in 1998.
NMI's principle task will involve building on OJP's progress in
providing critically-needed awareness training to local fire and
emergency medical personnel; specifically, OJP will task NMI to modify
OJP's Emergency Response to Terrorism: Basic Concepts curriculum, which
currently targets local fire and emergency medical personnel, to target
the unmet need for a similar curriculum for local law enforcement
personnel. In addition to modifying the existing curriculum, NMI will
deliver this 16-hour awareness program through training that will
provide both a train-the-trainer component for targeted jurisdictions,
as well as support on-site training by the certified trainers trained
through the train-the-trainer component. This OJP/NMI effort focuses on
local law enforcement and does not duplicate any Nunn-Lugar-Domenici
training activities.
NMI has submitted a preliminary grant application to OJP for
review. A final NMI application will be submitted by May 22, and OJP
plans to make an award to NMI by June 12. In the interim--during the
expected 30-day grant award process--OJP will provide NMI with standard
pre-agreement costs so it can begin its planned program/assessment
activities.
Bringing these two facilities online will provide OJP with two
critical elements in its overall approach to developing and conducting
a national program to train first responders to more effectively and
efficiently respond and manage terrorist incidents, and will complement
OJP's ongoing training, which targets local fire and emergency medical
personnel.
Question. Attorney General Reno, the fiscal year 1999 budget
request includes $52.7 million for the Counterterrorism Fund, the same
as the 1998 level. However, the budget eliminates funding for
technology R&D which is funded at $10.5 million this year. These funds
will be used for first responder training.
Does the 1999 budget request of the Department of Justice include
any funding to continue support for first responder training?
I understand that the Department is planning a $40 million program
for 1999 for first responder training. However, these resources are not
in the Department of Justice budget. What funding does the
Administration plan to use for this purpose in 1999 to continue this
initiative?
Answer. The Department's 1999 budget request includes funding to
continue support for first responder training. The Department has
requested $16 million from the Counterterrorism Fund to continue to
provide Weapons of Mass Destruction response equipment and training for
state and local first responders. In addition, the Department has
requested $5 million in 1999 to continue the first responder training
program for local firefighters and emergency medical service personnel.
The Department is not planning a separate $40 million first
responder training program for 1999. Rather, it is involved, through
the FBI, in the five-year Nunn-Lugar-Domenici Domestic Preparedness
Program (NLDDPP) that provides training and assistance to first
responders. This effort is funded solely through the DOD as authorized
by the National Defense Authorization Act (Public Law 104-201). The DOD
received $39.8 million in 1998 to provide training under NLDDPP and
will receive $49.2 million in 1999. None of these DOD funds have been
provided for use by the Department of Justice in the past, and at the
present time I am not aware of plans to distribute the funds to the
Department of Justice or any other federal agency.
In an effort to consolidate first responder training, I signed a
memo on March 26, 1998, assigning the authority to the Office of
Justice Programs (OJP) to administer three counterterrorism programs
appropriated to me through the Counterterrorism Fund. These programs
include (1) $12 million to provide grants for the acquisition of
terrorism-related equipment for state and local agencies; (2) $2
million to support operations of a state and local training center for
First Responders at Fort McClellan, Alabama; and (3) $2 million for
operations of a similar training center at the New Mexico Institute of
Mining and Technology. This action streamlines these first responder
resources under an organization--namely OJP--that has (1) extensive
experience working with state and local jurisdictions and (2) can
provide the knowledge and infrastructure to administer such programs
effectively and efficiently. OJP will coordinate extensively with the
FBI in curriculum development and recognizing State and local
requirements.
OJP has initiated a discussion with the National Emergency
Management Association (NEMA), the association representing the State
directors of emergency management. OJP officials made presentations on
available terrorism training at NEMA's membership conference held in
September 1997, in Boston, MA and February 1998, in Washington, D.C.
Subsequent to the February conference, NEMA officials asked to meet
with OJP to discuss areas where OJP and the state emergency management
agencies could work more cooperatively in the terrorism area. A meeting
was held with the President of NEMA, the NEMA Executive Director, and
selected state emergency management officials on March 26, 1998, in
Washington, D.C. to begin joint efforts to examine opportunities for
Department of Justice and NEMA cooperation in the area of domestic
terrorism and training and exercises to enhance state and local
preparedness.
OJP will also work with a consortium of universities, research
institutions and other facilities that have resources and expertise
critical to the success of any program designed to assist state and
local jurisdictions respond to terrorist attacks. Initially, OJP will
coordinate with the several university and research facilities included
in the conference report accompanying the 1998 appropriations act. This
consortium should provide OJP with a means to identify and coordinate
resources and expertise that exist at other universities and
institutions across the Nation.
In addition, the OJP will administer the $5 million first responder
training program for local firefighter and emergency medical services
personnel, which is authorized under section 819 of the Antiterrorism
and Effective Death Penalty Act of 1996. This training program provides
basic counterterrorism training and incident management concepts to 120
targeted metropolitan jurisdictions across the nation, which represent
80 percent of the country's population. The 1999 requested funding of
$5 million will allow for seamless continuation of this local training
effort, which began in 1997, and will provide for the training of an
estimated 30,000 individuals.
Question. Is it Nunn-Lugar-Domenici funding that will be provided
through the DOD for use by the Department of Justice?
Answer. The DOD's Domestic Preparedness Program was formed under
the fiscal year 1997 Defense Authorization Bill (Public Law 104-201),
commonly known as the Nunn-Lugar-Domenici legislation. The bill
provides funding for DOD to enhance the capability of Federal, State,
and local emergency responders in incidents involving nuclear,
biological, and chemical terrorism.
DOD received $39.8 million to provide training under Nunn-Lugar-
Domenici in 1998. DOD retains these monies, but in conjunction with
FBI, EPA, FEMA, DOE, and PHS, provides training and reimburses agencies
for costs incurred. The Department of Justice was not appropriated
Nunn-Lugar-Domenici funding from Congress.
Question. Why doesn't the Justice Department budget include funding
to assist in what will surely be an ongoing effort to train state and
local law enforcement and emergency response personnel in
counterterrorism methods and response?
Answer. The Department's 1999 budget request includes funding to
continue support for first responder training. The Department has
requested $16 million from the Counterterrorism Fund to continue to
provide Weapons of Mass Destruction response equipment and training for
state and local first responders. In addition, the Department has
requested $5 million in 1999 to continue the first responder training
program for local firefighters and emergency medical service personnel.
national infrastructure protection center
Question. The 1999 budget does include $33.6 million in the
Counterterrorism Fund to implement the recommendations of the
President's Commission on Critical Infrastructure Protection (PCCIP). I
do not believe that this report has been widely distributed, so could
you describe the various uses to which this proposed funding would be
directed?
Answer. Executive Order 13010 designated as critical certain
infrastructures whose incapacity or destruction would have a
debilitating impact on our defense or economic security. Eight were
named: telecommunications; electrical power; gas and oil storage and
transportation; banking and finance; transportation; water supply;
emergency services (including emergency medical services, police, fire
and rescue); and government services.
On October 13, 1997, the PCCIP submitted its report, entitled
Critical Foundations: Protecting America's Infrastructures, to the
President. The Commission noted that all of the designated critical
infrastructures are increasingly dependent on information and
communications systems that criss-cross the nation and span the globe.
That dependence was cited as a source of rising vulnerabilities. While
the Commission found no evidence of an impending cyber attack or
electrical disaster which would have a debilitating effect on the
nation's critical infrastructure, the panel did find widespread
capability to exploit infrastructure vulnerabilities. Because the
infrastructures are mainly privately owned and operated, the Commission
concluded that critical infrastructure assurance is a shared
responsibility of the public and private sectors. The Commission's
report includes a variety of recommendations for improving the
government's focus on infrastructure assurance, as well as suggestions
for collaborative public and private organizational partnerships. The
Administration is carefully weighing the findings and recommendations
of the Commission and developing appropriate policies.
In recognition of the broad range of the threat to critical
infrastructures, and to bring about an interagency capability to
detect, assess, and act upon threats and intrusion, the Department and
the FBI developed a plan to expand the scope and responsibilities of
its former Computer Investigations and Infrastructure Threat Assessment
Center into a NIPC. As proposed, the NIPC would be jointly staffed by
the FBI, other federal agencies, including the DOD, and the public
sector. The NIPC will serve as a national resource that supports both
cyber and physical emergency response efforts and helps determine if an
incident, or series of incidents, is either a criminal or terrorist
act, an effort to collect intelligence, or a hostile attack initiated
by a foreign power. The NIPC was presented to the Administration for
consideration since it makes policy decisions regarding the findings
and recommendations of the PCCIP.
Funding proposed for the Counterterrorism Fund would be used in
1999 to implement the policies being developed by the Administration,
including the NIPC. As proposed, this funding could be made available
by the Attorney General to any federal agency, not just components of
the Department of Justice, consistent with Administration policy
decisions.
Question. Which organizations would be the recipients of these
funds?
Answer. The funding proposed in the Counterterrorism Fund would be
made available to federal agencies to implement Administration policy
decisions to protect the nation's critical infrastructures.
The FBI, as the host for the NIPC, would be a recipient of the
funds. All entities associated with the NIPC, DOD, United States Secret
Service (USSS), NSA, CIA, other government agencies, state and local
authorities, and members of the private sector will benefit from the
use of these funds as the NIPC mission will be forged as a joint
effort.
Question. Has the Department done an assessment of what resources
might currently be available to meet some of these identified needs
rather than creating a new use for the Counterterrorism Fund?
Answer. Yes, the Department has worked closely with OMB to assess
what resources are currently available to meet the above mentioned
needs to prevent a duplication of effort.
Question. Why is the Department of Justice the lead agency in this
regard?
Answer. The Department of Justice, acting through the FBI, has been
given the lead role because of the FBI's unique role and authorities in
the criminal investigative, counterintelligence, and counterterrorism
area. Threats to the infrastructure can arise from a broad spectrum of
sources, ranging from a disgruntled insider or juvenile hacker
operating within the United States to a foreign intelligence or
military service operating from abroad. Accordingly, the FBI may need
to utilize its criminal investigative authorities and/or its foreign
counterintelligence authorities effectively to investigative and
respond to a cyber threat, depending on the source and nature of the
threat.
In addition, in the cyber world, it is often not possible to
determine in the early stages of an intrusion the source, nature,
scope, objective, or methodology of an attack. Therefore, it is
impossible to determine whether it is a purely domestic, criminal
matter, or involves a threat to the national security. It is also
impossible to determine in many cases whether other agencies like the
DOD or State, or intelligence agencies, have a role to play. However,
in almost all instances, the intrusion will constitute a potential
violation of federal criminal law, providing the FBI with jurisdiction
to investigate. Both private sector owners and operators of the
critical infrastructures have significant roles to play in protecting
the nation's critical infrastructures. The NIPC, as an interagency,
public-private partnership, brings representatives from the affected
entities and establishes direct electronic connectivity with them.
mexico drug certification
Question. I regret that I was unable to attend the hearing earlier
this year where the Attorney General testified about the Department of
Justice budget. I wanted to ask a question of the Attorney General
which is unrelated to today's topic.
Once again this year, the Administration has taken the
controversial step of certifying that Mexico is fully cooperating with
the United States in the drug war. It has been widely reported that you
disagree with that decision, particularly in light of the continued
corruption and increased drug violence in Mexico in the last year.
What role does the Justice Department play in the certification
process?
Answer. The process begins with identification by the President of
the major drug producing and drug transit countries; in 1997, there
were 30 such countries. With respect to each country, the Department of
Justice provides factual information and assessments to Administration
personnel regarding the cooperation, or lack thereof, and compliance
with the goals and objectives of the United Nations Convention Against
Illicit Traffic in Narcotic Drugs and Psychotropic Substances. The
subject areas in which the Department of Justice provided an assessment
were: efficacy of narcotics laws and enforcement, including legislative
initiatives and bilateral law enforcement cooperation; extradition;
mutual legal assistance; money laundering and asset forfeiture; control
of precursor and essential chemicals; maritime cooperation; political
and official corruption; political will; and progress on any benchmarks
set for the country. Various components of the Department of Justice
also reviewed all parts of the draft International Narcotics Control
Strategy Report (INCSR), including the country chapters and special
chapters on money laundering and chemical control.
DEA and FBI support the annual certification process by preparing
country briefings on the major drug producing and transit countries.
These agencies also provide assessments of narcotics enforcement; money
laundering and asset forfeiture; control of precursor and essential
chemicals; maritime cooperation; official and political corruption; and
political will.
Question. Did the Justice Department recommend to the
Administration that it not certify Mexico this year? What specific
facts led the Justice Department to make the recommendation it made?
Answer. It would not be appropriate to reveal the internal
discussions and deliberations regarding the Administration's ultimate
certification decisions. We provided factual information to support our
subject area assessments regarding Mexican cooperation and the other
``major'' countries.
Mexico is an indispensable partner in combating drug trafficking.
While we believe that the Government of Mexico attained some
significant achievements in 1997, there is more that needs to be done.
In 1997, in the Department of Justice's view, President Zedillo
continued to demonstrate his strong commitment to combating narcotics
trafficking, which he recognizes to be the primary threat to Mexico's
national security. In carrying out that commitment, the Government of
Mexico continued to strengthen its national counter-drug efforts in
certain respects.
Extradition and Mutual Legal Assistance.--On November 13, 1997, I
signed with Attorney General Madrazo a protocol to the existing
bilateral extradition treaty to authorize the temporary surrender of
persons for trial purposes and their return after prosecution to
complete the process or sentence against them in the country of their
initial arrest. In addition, the Government of Mexico extradited 13
fugitives to the United States during 1997, six of whom were sought on
drug charges; the Government of Mexico also expelled 10 other fugitives
whose extradition had been requested (one wanted for narcotics-related
offenses).
Moreover, the Mutual Legal Assistance Treaty (MLAT) with Mexico was
used with increasing frequency during 1997 in a wide range of cases,
including narcotics and money laundering investigations. Under the MLAT
and Mexico's Organized Crime Law, the Government of Mexico is now
empowered to transfer important cooperating witnesses from prison in
Mexico to the United States to testify in United States criminal
proceedings.
Money Laundering and Asset Forfeiture.--Further, we have seen some
progress in the area of money laundering and asset forfeiture; the
Mexican Government issued regulations establishing legal requirements
for financial institutions concerning customer identification,
reporting of suspicious transactions, and recording and reporting of
large-value currency transactions.
The Zedillo Administration also introduced new forfeiture
legislation for consideration by the Mexican legislature; the bill
addresses issues relating to the administration and disposition of
forfeited assets and international asset forfeiture assistance. In
addition, the Government of Mexico has provided useful asset forfeiture
assistance in three drug cases: a $9 million civil forfeiture case
against former Deputy Attorney General Mario Ruiz Massieu in Houston
(Southern District of Texas); the criminal forfeiture judgment for $350
million against Juan Garcia Abrego; and the seizure and ongoing
forfeiture actions in the Amado Carrillo Fuentes matters in the
Southern Districts of New York and Florida.
Chemical Control.--In December 1997, the Government of Mexico
passed a comprehensive chemical control law, which for the first time
reaches ``essential chemicals'' used in the manufacture of cocaine and
heroin. Once implemented, this law would bring Mexico into substantial
compliance with the 1988 U.N. (Vienna) Convention.
While the Government of Mexico has made strides in counterdrug
efforts, we would like to stress that more action must be undertaken by
the Mexican Government. Specifically, we would like to see improvements
in the following areas: corruption remains widespread and disabling
within all government institutions; the Bilateral Border Task Forces
(BTF's) continue to be beset by numerous problems, including slow
``vetting'' of investigators and prosecutors, leading to delayed
staffing, and inadequate funding; although Mexican courts have found
several Mexican citizens ``extraditable,'' the appeals process needs to
move inexorably towards the goal of actually extraditing Mexican
citizens on drug charges; there were no successful money laundering
prosecutions in 1997; the Mexican PGR has yet to establish its money
laundering/financial investigations unit; the Government's inability to
follow up on United States leads regarding the illicit diversion of
precursor and essential chemicals; and in an emerging area of
cooperation, we hope to make progress against pharmaceutical drug
diversion, for many licitly manufactured but dangerous prescription
drugs legally sold in Mexican pharmacies are ending up on the black
market in the United States.
Question. Do you think it would bring more credibility to the
certification process if a law enforcement agency like the Justice
Department (including the DEA and FBI) took the lead role in the
certification decision?
Answer. Ultimately, the certification decisions are for the
President to make, with the most fair and objective input possible from
all pertinent government components. The President as the Chief
Executive chooses the lead agency for this purpose. We note that
Congress has designated the United States Department of State to take
the lead in coordinating United States counter narcotics assistance to
foreign countries. See 22 U.S.C. Sec. 2291(b). No other department has
a presence like the State Department by way of embassies in virtually
every country. This puts the State Department in an excellent position
to assess counterdrug performance of each country. Typically, they do
so in very close collaboration with Department components, including
the DEA and FBI.
Question. What role does the State Department play in the work the
Justice Department (including the DEA and FBI) does with Mexico
regarding drug trafficking?
Answer. The State Department through the Narcotics Affairs Section
takes the lead at the political level in our international counter
narcotics cooperation with Mexico. The State Department also plays a
major role in coordinating cooperation and assistance with Mexico. The
law enforcement country officers are housed in the United States
Embassy in Mexico City. The State Department, through the Bureau of
International Narcotics and Law Enforcement Affairs, provides a large
share of the funding for training, technical assistance and other
resources provided by the United States government. Moreover, it does
so in areas that are broader than law enforcement, including demand
reduction and alternative development.
Question. Which federal agencies are the most informed about the
specific counternarcotics activities undertaken by a particular country
and the level of cooperation the United States receives from particular
countries?
If Congress were to change the certification law, is there any
reason why the Justice Department or DEA could not assume the lead
responsibility for advising the President on whether a country is fully
cooperating with the drug effort?
Answer. Each federal agency is obviously best informed in its areas
of responsibility, e.g., the DEA for operational drug law enforcement,
the CIA for intelligence, the Department of Treasury for money
laundering, the United States Coast Guard for maritime interdiction,
and Health and Human Services for demand reduction.
We are not recommending that Congress should change the
certification law at this time. Other components could fulfill this
role, but the State Department has the broadest mandate, and perhaps
the best perspective, to coordinate all international counterdrug
assessments.
Question. Do you agree with the Administration's decision to
decertify Colombia, but grant it a national interest waiver, while
fully certifying Mexico? Were these decisions consistent given each
country's level of cooperation? How would you compare the level of
cooperation received from Colombia with that of Mexico? Did Mexico do a
better job, a worse job or about the same?
Answer. The Department provided factual information to
Administration personnel regarding the cooperation (or lack thereof) of
Colombia. I am happy to discuss with you the Department's law
enforcement/legal assessment of Colombia. However it would not be
appropriate to discuss the internal discussions and deliberations
regarding the Administration's ultimate certification decisions.
From a law enforcement/judicial perspective more action must be
undertaken by the Colombian Government. We are particularly
disappointed with: political corruption at the highest levels of the
Colombian Government; lack of real political will; the Colombian reform
of narcotics sentencing laws which provided excessively lenient
sentence reduction provisions; Colombian drug kingpins' abilities to
continue to operate their criminal enterprises from prison; the
Colombian legislature's failure to enact a law amending their
Constitution to address retroactively the extradition of Colombian
nationals; ineffective chemical control; and failure to forfeit any
assets in 1997.
Nevertheless, the Colombian Government has, in recent months, made
some strides in the two areas: the Government of Colombia did conduct
some narcotics investigations in 1997; and they intensified eradication
efforts, assigning more pilots and airplanes to the mission, which
continued even in the face of armed resistance. Regrettably, however,
new cultivations in areas that were not subject to the spray campaign
have left Colombia with an increase in net coca cultivation--thus
making Colombia number one in the world for coca cultivation.
______
Questions Submitted by Senator Ernest F. Hollings
cybercrime
Question. General Reno, as we all know, the protection of our
nation's computer infrastructure is vital to national security.
However, recent events, such as the one involving an Israeli teen
breaking into a United States Defense Network, have clearly
demonstrated the vulnerabilities that exist in this nation's computer
systems. And as more and more public and private organizations are
connected to the Internet, there is an ever growing potential for cyber
terrorism.
General Reno, how much money are you proposing to spend on
combating threats to our nation's information systems?
Answer. The United States relies heavily upon its interconnected
telecommunications and automated information systems for basic services
such as energy, banking/finance, transportation, and defense. Any
broadly successful effort by an individual, group, or country to
disrupt, destroy, or deny access to the National Information
Infrastructure (NII) could result in serious economic, defense,
national security consequences. This threat is heightened by the
increasing number of incidents of computer intrusions by individuals
who, although possessing limited resources, have demonstrated the
capability to extensively compromise sensitive computer and
telecommunications networks.
1999 Budget Request Related to Cybercrime/Infrastructure Protection
The Department's 1999 budget includes $60.3 million in additional
funding for Cybercrime and threats to our Nation's critical
infrastructure.
1999 COUNTERTERRORISM AND CYBERCRIME INITIATIVE BY COMPONENT \1\
----------------------------------------------------------------------------------------------------------------
Agents/
Positions Attorneys Amount
----------------------------------------------------------------------------------------------------------------
Federal Bureau of Investigation (FBI)........................... 133 (75) $22,019,000
Criminal Division (CRM)......................................... 17 (13) 1,552,000
Attorney General's Counterterrorism Fund (CTF).................. .............. .............. 36,703,000
-----------------------------------------------
Total..................................................... 150 (88) 60,274,000
----------------------------------------------------------------------------------------------------------------
\1\ Excludes requested United States Attorney resources of 36 positions and $3,630,000, associated with the
prosecution of persons responsible for the commission of criminal offenses involving the use of computers and
computer systems.
Cybercrime and Counterterrorism Investigations.--The FBI's request
includes 124 positions (75 agents) and $11.6 million to establish six
additional Computer Crime Squads in Atlanta, Boston, Charlotte, Miami,
Minneapolis, and Seattle.
Cybercrime/Counterterrorism Coordination, Threat Assessment, and
Early Warning.--The FBI's request includes 9 positions and $10.4
million in additional resources for the NIPC, formally the Computer
Investigations and Infrastructure Threat Assessment Center. Of this
amount, $4.6 million is to conduct infrastructure vulnerability
assessments and $4.3 million is to develop a comprehensive Early
Warning System. In addition, the request includes funding for training,
Computer Crime Squad equipment, and staff to expand the operations of
the Watch and Threat Analysis Unit.
Legal/Technical Challenges.--The Criminal Division's request
includes 17 positions (13 attorneys) and $1.6 million for the CCIPS to
keep pace with the rapidly changing legal and technological environment
associated with Cybercrime cases. The Criminal Division plays a
critical role in the federal effort to protect critical infrastructure,
secure lawful use of the Internet, and respond to information warfare.
The Division provides advice to and coordinates federal efforts with
state, local and foreign governments.
Implementation of the Recommendation of the President's Commission
on Critical Infrastructure Protection.--The Attorney General's
Counterterrorism Fund request includes $36.7 million, including $33.6
million to implement the recommendations of the President's Commission
on Critical Infrastructure Protection, of which approximately $27
million would be made available to the NIPC. Resources from the fund
could also be available to reimburse other Federal agencies for their
costs associated with protecting our Nation's critical infrastructure.
Also included in the $36.7 million request is $3.1 million to ensure
the continuance of essential DOJ/FBI functions during an emergency.
The FBI National Infrastructure Protection Center
The FBI's NIPC will take on a larger, interagency role in fighting
Cybercrime and computer intrusions, and will serve as the government's
lead mechanism for responding to an infrastructure attack. To provide
this capability, the NIPC's 1999 requirements are projected to be 85
FBI positions (17 agents) and $51 million, of which 9 positions and
$37.4 million represent program enhancements addressed above.
FBI NIPC RESOURCES
[Dollars in thousands]
------------------------------------------------------------------------
Positions Agt. Amount
------------------------------------------------------------------------
1999 FBI Budget Enhancement......... 9 .......... $10,412
1999 CT Fund Enhancement............ .......... .......... 26,985
-----------------------------------
Subtotal, 1999 Enhancements... 9 .......... 37,397
===================================
1999 Base NIPC Resources \1\........ 76 17 13,865
===================================
1999 Total Requirements....... 85 17 51,262
------------------------------------------------------------------------
\1\ Note: 1999 base reflects the FBI's planned internal reallocation of
7 support positions in 1998.
Question. Will the money you are requesting get our nation's vital
computer systems to a level at which they could be considered ``safe?''
Answer. There is no question that the money we request will make
the nation's vital computer systems much safer and, we hope, will
achieve a level of security reasonable and acceptable for the critical
services they provide. But this will be a difficult, long-term task,
and achieving a nationwide standard of complete network safety is
unlikely in the near future for several reasons. One of these reasons
is that most of the nation's critical information infrastructure is
neither owned nor controlled by government. While government can lead,
teach, promote, deter, and defend, and can even regulate or legislate,
many of the everyday decisions that separate a secure computer from an
exposed one will be made by the private sector. In addition, whether a
computer system is public or private, real computer security rests on
at least four complex elements--all of which must be present and
integrated.
Technical solutions.--As in the physical world, ease and economy of
access to data are constantly at odds with the security of that data.
Every technical advancement that enhances the power, flexibility, and
utility of information networks invites opportunity for technical
errors that create unwitting vulnerabilities. The Boston teenager who
acquired root control of a telephone company switch (and twice
disrupted phone service for significant periods) did so by stumbling
into a vulnerability unknown either to the phone company or to the
manufacturer of the switch. Technology--expertly designed and
employed--can solve many of our computer security problems, and the
Department's initiative is aimed in large measure at promoting
technical solutions. But technology is not perfect and will not be
invulnerable anytime soon. Emerging technologies may also continue to
create communications systems that enhance anonymity and make it more
difficult to attribute harmful or illegal conduct to a particular
individual. As technology develops, we must insure that while privacy
is enhanced, accountability is maintained.
Personnel security.--Even if technology could create perfectly
secure systems, these systems are still administered and used by people
who make mistakes or betray trust. Much of the former can be addressed
by training, which is a large part of the Department's program. But
other aspects of this issue are extremely complex. In these days of
corporate downsizing, outsourcing, deregulation, and multinational
mergers, it is harder than ever for owners or operators of vital
networks to control or even know who has unlimited access. Both in
government and in industry, we have seen cases where, through a series
of subcontracts or international mergers, for example, some surprising
fingers have gained authorized access to sensitive keyboards.
Law enforcement response.--When security breaches occur, government
must have a coordinated network of agents and prosecutors, well-trained
and equipped with state-of-the-art technical tools, to quickly
ascertain the facts, stop the attack, and bring the criminals to
justice. National and international laws--both substantive and
procedural--must be updated and integrated to facilitate rapid global
investigations. This, clearly, is the primary focus of the Department's
program.
Public opinion.--For reasons apparent in the three items discussed
above, computer security is neither easy nor free, but this is not yet
common knowledge. Nor is it widely understood that computer security
can be just as important to national well-being as traditional physical
or national security. As in the physical world, it is much simpler,
cheaper, and faster to access data in a system with no technical
security--no firewalls, one-time password-generators, encryption, or
network security monitors. It is much more convenient not to practice
secure computing or worry about personnel security. It will be very
difficult for industry to ask the public to spend the money and bear
the inconvenience of secure information systems if the public does not
see the need. Thus, working toward public education and awareness is
also an important way in which government can strongly support the
efforts of the private sector to enhance the security of our
information systems.
Question. What are we doing to help private industry safeguard
their vital computer networks?
Answer. Both the Department's CCIPS and the interagency NIPC housed
at the FBI have worked formally and informally with industry to enhance
the security of the private infrastructure. In broad terms, the
Department is supporting industry by working in all four of the areas
discussed above. Some of these efforts include CCIPS's six-year-old
Industry Information Group, countless presentations to industry and
technical conferences, participation with groups such as the Computer
Emergency Response Team (CERT) at Carnegie-Mellon University, the
National Security Information Exchange (NSIE), and the Bankers'
Information Technology Secretariat (BITS). Further, both CCIPS and the
NIPC work closely with industry on security incidents and issues, not
only for criminal investigative purposes, but also for incident
prevention.
The Department and the private sector are increasingly sharing
information and expertise, and the Department is looking for ways to
expand this partnership. Indeed, the NIPC is creating an Outreach and
Field Support Unit to enhance industry ties. The NIPC is also including
industry as a customer of its Watch and Warning Unit so that current
information about system vulnerabilities can be disseminated quickly
and securely. The Department is also experimenting with solutions like
Infraguard, a law enforcement-industry initiative in Cleveland that
establishes protocols for reporting and disseminating information about
security problems.
Question. General Reno, surprisingly, a number of illegal
incursions into restricted computer networks are perpetrated by
teenagers. To many of them, breaking into restricted networks is seen
as a challenge or mischievous prank, and is not intended as a terrorist
act. Nevertheless, their actions are certainly considered criminal
activity, and therefore take valuable investigative resources away from
the investigation of other possible terrorist activity.
So, what will your agency do to impress on young people that this
type of activity is not a game, and that offenders will be prosecuted
to the fullest extent possible?
Answer. First of all, we are prosecuting them to the fullest extent
possible and publicizing that fact, both to deter them and to deter
others. When the statute requires United States Attorneys to obtain
declinations from state prosecutors (where the state has a concurrent
offense), we are doing this in appropriate cases. As you know, the
Boston teenager who interrupted telephone service was prosecuted
federally and his case announced (without his name) at a press
conference by the United States Attorney and Bell Atlantic. News of
this case, specifically written for children (titled ``You CAN Get in
Trouble for Hacking''), will soon be posted on the Department's Web
Page devoted to children, called the DOJ KidsPage (found at
www.usdoj.gov/kidspage). There is material on the KidsPage for
children, parents, and teachers on many topics, and our Cybercrime
materials were created by the prosecutors at the Computer Crime
Section. Already posted are our Internet Rules of the Road--rules by
which children can protect themselves and respect the rights of others.
Also at the site are information and teaching plans to assist
instructors in presenting these issues to children in the classroom.
Soon to be added is an interactive game called ``Are You a Good
Citizen?''
The prosecutors in our Computer Crime Section frequently raise
exactly these issues in presentations to industry and the public, and
have for some time argued the importance of teaching computer ethics in
interviews with the press. Moreover, the Department is beginning plans
for a more extensive public education campaign, which we hope will
elicit the support of industry. We believe strongly that parents,
teachers, and the rest of the adult world must teach our children not
only how to use computers, but also how not to use them.
state and local cooperation
Question. General Reno, as you know, no federal emergency plan will
be successful unless there is close coordination with state and local
governments. In many circumstances, state and local emergency agencies
will be the first responders to a terrorist act. For this reason, the
Nunn-Lugar-Domenici Amendment mandated that contingency plans be
established in the event of a terrorist act involving weapons of mass
destruction (WMD). This preparation includes the establishment of
programs to train emergency personnel at all levels of government in
how to respond to incidents involving WMD. This legislation also
required that the DOD, along with the FBI, FEMA, EPA, DOE, and other
relevant agencies, establish rapid terrorism response teams. These
teams will assist state and local emergency authorities in the
detection, containment, and disposal of WMD. You are requesting $16
million to continue these initiatives.
General Reno, as you have stated, to date 19 cities have received
weapons of mass destruction training from the federal government, and
101 cities are scheduled to receive training in the future. Could you
give us a more detailed description of what that training consists of?
Answer. Training is being coordinated by a federal interagency team
composed of representatives from the FBI, FEMA, DOE, EPA, PHS, and DOD.
Courses were developed to provide the necessary information and job
skills, beyond those that currently exist in the first responder
community, to safely and effectively respond to an incident involving
weapons of mass destruction. These courses are designed to train the
trainers in each of the cities that normally provide instruction to the
first responders. The program uses a team approach combining the skills
and expertise of the nation's nuclear, biological, and chemical
specialists with the skills and expertise of emergency response
experts. Six train-the-trainer courses are offered: Emergency Responder
Awareness; Emergency Responder Operations; HazMat Technician; EMS
Technician; Hospital Provider; and Incident Command. Two additional
courses are offered directly to the specific audience. These include
Basic Awareness, which is a 30-minute video targeted for non-
responders, and a Senior Officials' Workshop designed to instruct
cabinet level officials and department heads.
One hundred twenty cities were selected to receive training under
Nunn-Lugar-Domenici through a collaborative effort. The DOD, with other
federal agencies is authorized to provide training and assistance to
enhance the capabilities of first responders to an incident involving a
weapon of mass destruction. The United States Army Chemical and
Biological Defense Command (CBDCOM), Aberdeen Proving Ground, Maryland,
the center of DOD's chemical and biological expertise, is the lead DOD
agency charged with enhancing existing metropolitan response
capabilities to include nuclear, biological, and chemical incidents.
DOJ's contribution to Nunn-Lugar-Domenici includes one class taught
by the FBI. The FBI provides a terrorism threat briefing course that
consists of a video that discusses the terrorism threat nationally,
followed by information from field office representatives regarding the
local threat.
Following the initial training, table-top, and functional exercises
provide opportunities for trained city participants to demonstrate
practical decision-making applications of the training.
Question. Have the training sessions been successful? Is there any
type of follow up on the part of the federal government? How do we know
that these cities are maintaining their state of readiness?
Answer. The DOJ believes DOD's Nunn-Lugar-Domenici training program
has been lacking; however, efforts are being made to improve the
program. Many cities have voiced their frustrations that initial
training has fallen short of expectations. A process has been developed
to incorporate the cities' suggestions for improvement into subsequent
training classes.
The training is designed to train-the-trainer after which the city
trains itself. Approximately six months following the initial training,
the DOD returns to the city and provides full field chemical training
exercise (FTX). A biological table top exercise is conducted
approximately one month later. Through these exercises, the cities can
assess their readiness levels and make appropriate adjustments to their
training and response levels. DOD contract personnel currently maintain
a listing of individuals whom they train in each city. However, further
records are not compiled by the United States government.
While Nunn-Lugar-Domenici training is supposed to be tailored to
the specific needs of a local jurisdiction, based on preliminary
assessments, actual experience has revealed that much of the training
offered to date is centered on a standard, introductory course. Because
this training is not tailored to the different types of first
responders, it does not meet the specific operational requirements of
firefighters, EMS personnel, or police officers.
The FBI is working to improve communications between DOD and local
public safety agencies through the established channels and close
working relationships that have developed over the years between FBI
field offices and their counterparts in the communities they serve. In
addition, the DOJ is considering structuring the DOJ's State and local
first responder WMD training and equipment programs to provide a city
with more specialized training and the equipment to better prepare and
outfit response agencies after the Nunn-Lugar-Domenici training.
Question. How many state and local task forces have been
established throughout the country? Will these state and local
``emergency responders'' have access to the type of equipment necessary
to effectively deal with an incident involving WMD?
Answer. The Defense Against Weapons of Mass Destruction Act of
1996, enacted as the Nunn-Lugar-Domenici Amendment (Nunn-Lugar II) to
the DOD Appropriations Act for 1997, mandates that the Executive Branch
undertake a number of requirements relating to preparedness to respond
to the terrorist use of chemical and biological weapons within the
United States. The Act mandates that DOD, in coordination with other
relevant federal agencies, establish programs to advise and train
civilian emergency preparedness personnel at all levels of government
in planning for and responding to WMD incidents. In addition, it
directs DOD to establish rapid terrorism response teams for the purpose
of assisting such authorities in the detection, neutralization,
containment, dismantlement, and disposal of weapons of mass
destruction.
Although the FBI does not have ``emergency responder'' task forces
to address life and safety consequences of a WMD incident, i.e.,
decontamination and remediation, the FBI pursues crisis management
planning with federal, state, and local law enforcement groups in order
to prepare and respond, as directed under PDD-39, to WMD incidents.
To enhance the federal, state, and local approach to terrorism, the
FBI has established 16 joint terrorism task forces (JTTF) throughout
the country. These JTTF's have been formed by the FBI to maximize
interagency cooperation and coordination to create cohesive units
capable of addressing terrorism problems within the United States. The
mission of each JTTF is to detect, prevent and investigate individuals
or groups carrying out terrorist acts directed against the United
States.
The JTTF's are composed of 212 full and part-time, federal, state,
and local law enforcement personnel. Federal participants include the
INS, USSS, Bureau of Alcohol, Tobacco and Firearms, United States
Customs, and Postal Inspection Service, among others. Personnel on
these JTTF's also may be members of the FBI's Evidence Response Team or
certified bomb technicians. As such, they will receive training and
related equipment that will allow them to respond to a terrorist
incident involving a WMD.
wire tapping/encryption
Question. General Reno, court ordered telephone intercepts are
critically important to combating all types of crime, including
domestic and international terrorism and counter intelligence threats.
Could you please bring us up to speed regarding implementation of
CALEA and encryption negotiations?
Answer. This information will be forwarded to the Committee as soon
as available.
Question. Have you met with FCC Chairman Kennard to discuss these
issues yet?
Answer. This information will be forwarded to the Committee as soon
as available.
Question. What do you believe is the cost estimate if the
communications industry gets its way on slipping the compliance date
and other CALEA demands?
Answer. This information will be forwarded to the Committee as soon
as available.
nsc domestic antiterrorism czar
Question. General Reno, a recent Washington Post article stated
that a Domestic Anti-Terrorism Czar may be appointed within the
National Security Council. The article stated that this individual
would ``assign roles to the 18 federal departments or agencies--
including the FBI, CIA, and Pentagon--now involved in the
counterterrorism effort, and have authority over everything from the
development of yearly budget plans to rescue efforts after a terrorist
attack.''
General Reno, I thought it was your responsibility to coordinate
efforts dealing with domestic terrorism? Are you comfortable with the
proposal to establish an Anti-Terrorism Czar within the NSC? Do we
really need this additional layer of bureaucracy?
Answer. I strongly support the need for greater coordination of the
counterterrorism plans, resources, and programs of the many departments
and agencies that have important roles in our counterterrorism and
infrastructure protection efforts. The need to achieve greater
coordination and eliminate overlap and redundancy, as you know, is one
of the drivers for the five-year counterterrorism and technology crime
plan that I, along with my colleagues at the Departments of Defense,
State, Treasury, Energy, the CIA, FEMA, and other agencies are
developing. Similarly, I support a more focused effort within the
National Security Council focused on infrastructure issues in order to
ensure that programs across the government and outreach to the private
sector are properly coordinated. I also believe that the President's
National Security Adviser and his staff, in order properly to advise
the President, require a mechanism through which they can receive
timely information about matters in which the Department of Justice is
engaged that affect the President's national security responsibilities.
The NSC, for example, will play a key role in the President's decision
on whether a criminal law enforcement investigation into a serious
cyber intrusion should be treated as an attack on the United States. I
believe that we can develop appropriate procedures that will enable
Department of Justice prosecutors and other personnel to fulfill their
law enforcement missions while facilitating the NSC's role as adviser
to the President.
conclusion of hearing
Senator Gregg. This hearing will be recessed, and we will
move on to marking up the bill in the near future.
[Whereupon, at 11:20 a.m., Tuesday, March 31, the hearing
was concluded, and the subcommittee was recessed, to reconvene
subject to the call of the Chair.]